DevSecOps Engineer

Responsibilities:

• Design, implement, and manage CI/CD pipelines using GitLab to support continuous integration, delivery, and deployment
• Execute routine infrastructure tasks with minimal errors
• Develop automation for recurring tasks with a focus on reuse and modularity
• Use Terraform for infrastructure-as-code across deployments and changes
• Independently deploy and configure complex systems and infrastructure components using IaaS, PaaS, and SaaS technologies across cloud environments, ensuring alignment with functional, security, and policy requirements
• Develop implementation-ready architecture and configuration plans covering compute, storage, network, identity, security, and management systems
• Develop and maintain automated scripts and tools to enhance DevSecOps processes including SCA and container scanning
• Manage and optimise AWS services including ECS, ECR, Aurora, WAF, Network Firewall, Transit Gateway, ALB, and NLB, etc.
• Implement security best practices in cloud environments, focusing on identity management, logging, monitoring, and incident response
• Embed security practices throughout the software development lifecycle in collaboration with development and operations teams
• Conduct regular security assessments, vulnerability scans, and penetration tests to identify and remediate weaknesses
• Contribute to building reliable monitoring, alerts, and observability setups (including Application Performance Monitoring) use data and analytics to troubleshoot and improve systems
• Apply SRE concepts including error budgets, toil reduction, and SLI/SLO definitions in daily work
• Drive infrastructure tasks from planning to completion independently proactively fix or escalate issues before they worsen
• Monitor and validate the impact of your work in production and POCs, incorporating user feedback and resolving issues promptly
• Communicate risks early and propose solutions to team leads
• Good to Have: Knowledge in MS Entra, MS Graph API, AWS Lambda (Python Serverless)

Requirements:

• At least 2 years of experience in DevSecOps and/or cloud infrastructure management
• Hands-on experience with GitLab CI/CD pipelines
• Proficiency in managing AWS services (ECS, ECR, Aurora, WAF, Network Firewall, Transit Gateway, ALB, NLB, EC2, Lambda)
• Scripting skills in Python or Bash for automation
• Proficiency in Terraform for infrastructure-as-code
• Familiarity with containerisation technologies (Docker, Kubernetes)
• Experience with security tools and practices including SCA, container scanning
• Familiarity with SRE principles and practices
• Strong problem-solving skills and ability to work effectively in cross-functional teams

Preferred:

• Experience with GCC-2.0 cloud environments, penetration testing, Ansible
• Knowledge of MS Entra, MS Graph API, AWS Lambda (Python Serverless)
• AWS associate-level certification (e.g., AWS Certified SysOps Administrator, or relevant)
• Background in software development with knowledge of secure coding practices

By proceeding with the job application, you are deemed to have read and acknowledged our https://www.totalebizsolutions.com/job-applicant-privacy-policy and consented to us using the personal data you shared for the purpose stated in the said policy.