Skip to main content
Back to jobs

Senior AWS DevSecOps Engineer (Ref 26509)

External
JOBLINE RESOURCES PTE. LTD. logoJobline Resources · Singapore
S$96K–S$120K/yrContractUnknownToday
Information Technology
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


Responsibilities

  • Shift-Left Security
  • Embed security controls throughout the development and deployment lifecycle.
  • Govern security implementation within GitLab.
  • Review and assess CI/CD pipelines to ensure security gates are enforced.
  • Conducting Terraform Infrastructure-as-Code (IaC) security reviews
  • Integrate security validation activities into the deployment process.
  • Promote secure-by-design and secure-by-default principles.
  • Review software delivery processes and identify opportunities for security improvements.
  • Terraform IaC Security Review
  • Conduct secure code reviews for Terraform Infrastructure-as-Code deployments.
  • Review and analyse generated by IaC scanning tools (Checkov, Terrascan).
  • Identify excessive IAM permissions and privilege escalation risks.
  • Assess network exposure and segmentation controls.
  • Validate encryption-at-rest and encryption-in-transit configurations.
  • Review logging and monitoring configurations.
  • Identify security misconfigurations and hardening gaps.
  • Provide remediation recommendations and validate fixes.
  • AWS Cloud Security Governance
  • Review AWS architecture and security configurations.
  • Assess AWS services including: IAM, AWS Config, Security Hub, GuardDuty, CloudTrail, KMS, Secrets Manager, VPC, Security Groups, EC2, S3
  • Validate implementation of security best practices.
  • Review cloud resource configurations against approved security baselines.
  • Vulnerability Management & Open Source Security
  • Review findings generated by IaC scanning tools (CheckOv, Terrascan).
  • Assess vulnerabilities identified in third-party libraries and dependencies.
  • Review CVE alerts and vulnerability exposure.
  • Perform risk prioritisation and remediation tracking.
  • Validate remediation effectiveness and closure evidence.
  • Assess residual risks and recommend compensating controls where required.
  • Security Governance, Compliance & Operational Assurance
  • Lead cloud security governance across AWS environments by conducting compliance assessments against corporate compliance requirements (Cloudscape, Codescape, AWS Security Best Practices, and internal security standards).
  • Perform security baseline reviews, AWS Config compliance assessments, and configuration drift monitoring.
  • Review cloud workload and AMI hardening controls, identify compliance gaps, recommend corrective actions, and support audit and regulatory compliance activities.
  • Provide security advisory to DevOps teams by analysing security findings, providing remediation recommendations, assessing security deviations, evaluating compensating controls, and documenting risk-based justifications where remediation is not immediately feasible.
  • Support security operations through any form of significant security risks where necessary.
  • Ensure security activities are delivered in accordance with project timelines by supporting change management, tracking remediation activities, monitoring security deliverables, conducting go-live readiness reviews, and driving continuous improvement of cloud security governance processes.
  • Collaborate closely with DevOps Engineers, Cloud Engineers, Architects, Security Teams, Project Managers, and business stakeholders to provide technical guidance, facilitate knowledge transfer, document security standards and remediation outcomes, and strengthen overall cloud security capability within the project and operational teams.

Requirements

  • Bachelor's degree in IT, Computer Science, or related field (or equivalent experience).
  • 5 years or more of experience in DevSecOps related work
  • Hands-on experience with: GitLab and CI/CD pipeline administration, Infrastructure as a Code using Terraform, familiar with AWS Security Services, familiar with Security scanning tools (SAST, DAST, SCA), Cloud security governance and compliance reviews, vulnerability management and remediation activities
  • Security policy enforcement and compliance
  • Experience with cloud security architectures and exposure to cloud security posture management
  • Strong understanding of hybrid cloud architectures.
  • Strong troubleshooting and analytical skills in network and security domains.
  • Ability to work in high-pressure, mission-critical environments.
  • Good communication and stakeholder engagement skills.
  • Preferred certifications: Hashicorp Terraform Associate / AWS Certified Security / AWS Certified Solutions Architect - Associate / Security certifications (e.g., CCSP, Practical DevSecOps Professional (PDSP)) are advantageous
  • Shortlisted candidate will be offered a 1 Year agency contract employment.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at JOBLINE RESOURCES PTE. LTD.? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect