Senior Software Engineer (DevSecOps)

Requirements

• ▪ 5+ years of professional software engineering experience, with at least 5 years specifically in DevOps orDevSecOps roles.
• ▪ Proven track record delivering production systems with rigorous security controls in cloud-native environments.
• ▪ Experience working in regulated orsecurity-sensitive industries (e.g. fintech, healthtech, SaaS, government) ishighly desirable.
• Technical Skills
• ▪ Languages: Proficiency in at least two of Python, Go, Java, TypeScript, or Rust; shell scripting (Bash) isessential.
• ▪ Cloud Platforms: Deep hands-on experience with AWS, GCP, or Azure - including native security services (e.g.AWS IAM, GuardDuty, Security Hub, KMS).
• ▪ Containers & Orchestration: Kubernetes (CKA/CKS level proficiency preferred), Docker, Helm; experience hardening container runtimes.
• ▪ IaC & Config Management: Terraform (required), Ansible or Chef desirable; policy-as-code tools (OPA,Sentinel).
• ▪ CI/CD & GitOps: Deep familiarity with pipeline architecture; experience with ArgoCD, Flux, or similar GitOps tooling.
• ▪ Security Tooling: Workingknowledge of tools such as Snyk, Trivy, Checkov, SonarQube, Vault (HashiCorp),Falco, or equivalent.
• ▪ Networking & Zero Trust: Understanding of TLS/mTLS, VPNs, service meshes (Istio/Linkerd), WAF configuration, and firewall policies.
• ▪ Observability: Experience with Prometheus, Grafana, OpenTelemetry, Datadog, Splunk, or similar stacks.
• Soft Skills & Mindset
• ▪ Security-first thinking: you naturally ask 'how could this be abused?' before 'does this work?'
• ▪ Strong communication skills - ableto articulate security trade-offs and technical concepts to both technical and non-tech

Additional Information

Aboutthe Role We are looking for a highly experienced Senior Software Engineer with deep expertise in DevOps practicesand a strong security-first mindset. In this role, you will sit at the intersection of software engineering, infrastructure, and cybersecurity - championing a culture where security is built into every stage of the software development lifecycle (SDLC), not bolted on afterwards. You will architect, build, andmaintain robust systems that are both highly functional and resilient to threats. You will work closely with product engineering, security, and platformteams to embed security controls, automate compliance, and drive adoption of DevSecOps best practices across the organisation. KeyResponsibilities Software Engineering &Architecture ▪ Design, develop, and maintainscalable, high-performance software systems with security and reliability ascore non-functional requirements. ▪ Lead technical design reviews,ensuring that both functional correctness and security considerations are addressed from the outset. ▪ Advocate for clean code principles, modular design, and testability, setting the engineering bar for the wider team. ▪ Mentor junior and mid-levelengineers on secure coding standards, architecture patterns, and DevOps practices. DevOps & Platform Engineering ▪ Architect and manage CI/CDpipelines (e.g. GitHub Actions, GitLab CI, Jenkins, CircleCI) with integrated security scanning at every stage. ▪ Build and maintaininfrastructure-as-code (IaC) using tools such as Terraform, Pulumi, or AWSCloud Formation to ensure reproducible, auditable environments. ▪ Manage container orchestration platforms (Kubernetes, ECS) and ensure workloads are hardened against known attack vectors. ▪ Implement robust observability solutions - logging, metrics, tracing, and alerting - to detect anomalies and security events proactively. ▪ Drive reliability engineering practices including SLO/SLI definition, chaos engineering, and incident response playbooks. Security Integration (DevSecOps) ▪ Embed security tooling directlyinto the SDLC: SAST, DAST, dependency scanning (SCA), secrets detection, and container image scanning. ▪ Own and evolve the organisation's threat modelling process, producing actionable risk assessments for new features and infrastructure changes. ▪ Lead vulnerability management: triage security findings, coordinate remediation, and track closure within agreed SLAs. ▪ Ensure compliance with relevant security frameworks (e.g. SOC 2, ISO 27001, NIST CSF, CIS Benchmarks) through automated policy enforcement and audit trails. ▪ Conduct and participate insecurity reviews, penetration test scoping, and post-mortem analyses for security incidents. ▪ Champion a Zero Trust architecture approach across the platform, including identity and access management (IAM),network segmentation, and least-privilege principles. Collaboration & Culture ▪ Partner with Product, QA, and Security teams to define and uphold engineering standards that balance velocity with risk. ▪ Act as a subject-matter expert and internal consultant on DevSecOps topics, running workshops and brown-bag sessions to upskill peers. ▪ Contribute to hiring and technical interviews, helping the team grow with engineers who share a security-conscious engineering philosophy.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at AI SYSTEM INTEGRATOR ASIA PTE. LTD.? Share your experience