About the Role
We are seeking a highly skilled DevSecOps Engineer to design, automate, and maintain secure, scalable, and resilient infrastructure and deployment pipelines. You will play a key role in integrating security into development workflows and infrastructure operations across cloud and on-premise environments.
This role requires strong expertise in cloud platforms, infrastructure automation, CI/CD, security engineering, and modern DevSecOps practices. You will work closely with engineering, operations, and security teams to drive automation, reliability, and compliance at scale.
Job description:
Key Responsibilities
- Design, implement, and maintain GitLab CI/CD pipelines to enable reliable continuous integration, delivery, and deployment.
- Perform routine infrastructure activities accurately and consistently, with minimal operational errors.
- Develop reusable and modular automation scripts to streamline recurring operational tasks.
- Apply Terraform to manage infrastructure-as-code for new deployments, configuration changes, and ongoing platform improvements.
- Deploy and configure complex systems and infrastructure components independently across IaaS, PaaS, and SaaS environments, ensuring alignment with functional, security, and policy requirements.
- Prepare implementation-ready architecture and configuration plans covering compute, storage, network, identity, security, and management components.
- Build and maintain automated scripts and tools to strengthen DevSecOps practices, including software composition analysis and container scanning.
- Manage, optimise, and troubleshoot AWS services such as ECS, ECR, Aurora, WAF, Network Firewall, Transit Gateway, ALB, NLB, and related services.
- Implement cloud security best practices, with emphasis on identity management, logging, monitoring, and incident response.
- Work closely with development and operations teams to embed security practices throughout the software development lifecycle.
- Conduct regular security assessments, vulnerability scans, and penetration testing activities to identify and remediate risks.
- Contribute to robust monitoring, alerting, observability, and Application Performance Monitoring setups, using data and analytics to troubleshoot and improve system reliability.
- Apply SRE practices such as error budgets, toil reduction, and SLI/SLO definition in day-to-day engineering work.
- Drive infrastructure tasks independently from planning through completion, proactively resolving or escalating issues before they impact delivery.
- Monitor and validate production and proof-of-concept changes, incorporate user feedback, and resolve issues in a timely manner.
- Communicate risks early and propose practical mitigation options to team leads.
- Good to have: knowledge of Microsoft Entra, Microsoft Graph API, and AWS Lambda using Python serverless development.
Requirements
- Minimum of 2 years of experience in DevSecOps and/or cloud infrastructure management.
- Hands-on experience designing and maintaining GitLab CI/CD pipelines.
- Proficiency in managing AWS services, including ECS, ECR, Aurora, WAF, Network Firewall, Transit Gateway, ALB, NLB, EC2, and Lambda.
- Strong scripting capability in Python or Bash for automation and operational efficiency.
- Practical experience using Terraform for infrastructure-as-code.
- Familiarity with containerisation technologies such as Docker and Kubernetes.
- Experience with security tools and practices, including software composition analysis and container scanning.
- Understanding of SRE principles and operational reliability practices.
- Strong analytical, troubleshooting, and problem-solving skills, with the ability to collaborate effectively in cross-functional teams.
Preferred Qualifications
- Knowledge of Microsoft Entra, Microsoft Graph API, and AWS Lambda using Python serverless development.
- AWS associate-level certification, such as AWS Certified SysOps Administrator or an equivalent relevant certification.
- Software development background with knowledge of secure coding practices.