DevSecops Engineer
SAGL CONSULTING PTE. LTD.
Job Summary
We are looking for a Senior AWS DevSecOps Engineer to strengthen the security and compliance of enterprise AWS cloud environments. The role focuses on cloud security governance, Infrastructure-as-Code (Terraform) security reviews, CI/CD security, vulnerability management, and ensuring AWS deployments comply with security best practices.
Key Responsibilities
- Implement DevSecOps and Shift-Left security practices across AWS environments.
- Review and secure CI/CD pipelines using GitLab.
- Perform Terraform Infrastructure-as-Code (IaC) security reviews.
- Assess AWS security services including IAM, GuardDuty, Security Hub, AWS Config, CloudTrail, KMS, VPC and S3.
- Review vulnerabilities from SAST, DAST, SCA and IaC scanning tools (e.g. Checkov, Terrascan) and drive remediation.
- Conduct cloud security compliance reviews and provide security guidance to engineering teams.
- Support cloud security governance, risk assessments and continuous security improvements.
Requirements
- 5+ years of AWS DevSecOps or Cloud Security experience.
- Strong hands-on experience with AWS security services.
- Experience with GitLab CI/CD and Terraform.
- Knowledge of SAST, DAST, SCA and IaC security scanning tools.
- Good understanding of cloud security governance, IAM and compliance.
- AWS Security or Terraform certifications are an advantage.