DevSecops Engineer

SAGL CONSULTING PTE. LTD.

Job Summary

We are looking for a Senior AWS DevSecOps Engineer to strengthen the security and compliance of enterprise AWS cloud environments. The role focuses on cloud security governance, Infrastructure-as-Code (Terraform) security reviews, CI/CD security, vulnerability management, and ensuring AWS deployments comply with security best practices.

Key Responsibilities

  • Implement DevSecOps and Shift-Left security practices across AWS environments.
  • Review and secure CI/CD pipelines using GitLab.
  • Perform Terraform Infrastructure-as-Code (IaC) security reviews.
  • Assess AWS security services including IAM, GuardDuty, Security Hub, AWS Config, CloudTrail, KMS, VPC and S3.
  • Review vulnerabilities from SAST, DAST, SCA and IaC scanning tools (e.g. Checkov, Terrascan) and drive remediation.
  • Conduct cloud security compliance reviews and provide security guidance to engineering teams.
  • Support cloud security governance, risk assessments and continuous security improvements.

Requirements

  • 5+ years of AWS DevSecOps or Cloud Security experience.
  • Strong hands-on experience with AWS security services.
  • Experience with GitLab CI/CD and Terraform.
  • Knowledge of SAST, DAST, SCA and IaC security scanning tools.
  • Good understanding of cloud security governance, IAM and compliance.
  • AWS Security or Terraform certifications are an advantage.