DevSecOps Engineer

Requirements

• 4-6 years of combined DevOps/Security Engineering experience.
• Hands-on experience in securing AWS cloud infrastructure (IAM, KMS, GuardDuty, WAF).
• Hands-on experience in commercial security tools (Next GEN Firewalls, Database Activity Monitoring).
• Proven experience integrating security checks into GitOps / CI pipelines (e.g., GitLab CI, GitHub Actions, Jenkins).
• Solid experience with container security: Docker image scanning, Kubernetes RBAC, admission controllers.
• Proficiency in scripting (Bash, Python, or similar) for automation.
• Familiarity with compliance requirements: NIST 800‑53, CIS benchmarks.
• Strong diagnostic skills, especially in cloud networking, TLS configurations, and log analysis.
• Experience with IaC (Terraform/Helm), GitOps, and configuration management.
• Bonus: Experience conducting or responding to security audits or VAPT findings.
• Let's talk about what's in it for you!
• As "Architects of Positive Futures" , Capgemini actively supports the community in 3 ways:
• Environmental Sustainability - Capgemini joined the CDP's (Carbon Disclosure Project) prestigious "A list" for its commitment to the Net-Zero economy. We are focusing on helping our clients transform towards more sustainable business models and committing to reduce our own carbon emiss

Additional Information

About Capgemini Capgemini is an AI-powered global business and technology transformation partner, delivering tangible business value. We imagine the future of organizations and make it real with AI, technology and people. With our strong heritage of nearly 60 years, we are a responsible and diverse group of over 420,000 team members in more than 50 countries. We deliver end-to-end services and solutions with our deep industry expertise and strong partner ecosystem, leveraging our capabilities across strategy, technology, design, engineering and business operations. The Group reported 2025 global revenues of €22.5 billion. What You Will Be Working On As the DevSecOps Engineer, you will lead and embed security-first practices across CI/CD, cloud infrastructure, and runtime environments. DevSecOps / Security Enablement Embed security controls in CI/CD pipelines (e.g., SAST, DAST, dependency checks, container scans). Automate enforcement of security policies (e.g., secret detection, SBOM generation, license policy gates). Collaborate with DOE Lead and CISO to implement compliance controls (NIST, Singapore Government standards). Integrate tools like SonarQube, Trivy, Snyk, Checkov, or custom scanners into pipelines. Maintain infrastructure hardening and secure baseline templates (e.g., CIS benchmarks, AMI/Container baselines). Co-own audit and logging configurations (e.g., CloudTrail, Security Hub, WAF logs, GuardDuty alerts). Cloud Infrastructure & CICD Operations Maintain and improve secure, automated CICD pipelines. Define IaC security validation steps (e.g., Terraform policy-as-code with OPA or Checkov). Implement backup, DR, and secrets management workflows in alignment with platform guardrails. Support runtime observability with secure logging and alerting pipelines (e.g., ELK/Opensearch, Prometheus, Grafana). Day 2 Operations Collaboration Support vulnerability triage and incident response processes. Maintain operational runbooks with security context for SRE rotations. Contribute to secure service rollout (mTLS, ALB/NLB policies, header validations, etc.). Collaborate to address hardening gaps in Day 2 operations.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Capgemini Singapore PTE. LTD.? Share your experience