Senior DevSecOps Engineer

Job Description

We are seeking a dedicated DevSecOps Engineer to join our client's team. Your primary role will be to design, develop and maintain the embedded software continuous integration (CI) and continuous testing pipeline. You will work collaboratively with embedded software team and security team to integrate security measures throughout the Software Development Life Cycle (SDLC) through mutually supportive professional relationships, open and direct communication and respect. You will have the opportunities to research and explore new possibilities using the latest technologies and standards.

The ideal candidate will have deep expertise in security best practices, automation, and cloud platforms, with a focus on integrating security into every stage of the Software Development Life Cycle (SDLC).

Key Responsibilities:

• Infrastructure Provisioning: Setup and manage CI/CD infrastructure, provision and maintain service account(s) per project needs, mange tokens and certificates for tools/apps/services. Server Maintenance, backup and recovery planning for infrastructures and services
• CI/CD Pipeline Setup & Maintenance: Design, implement, and maintain the CI/CD pipelines, create common build platform; setup Jenkins server/ build agents
• Configuration Management: Configuration and maintenance of the environment at each state of the development pipeline
• Monitoring and Logging: Implement pipeline monitoring, alerting and logging to track capacity limit, memory and CPU usage limit; Define and create CI/CD dashboard to track and monitor embedded software build and performance
• Security Integration: Integrate security practices into the software development lifecycle, including vulnerability scanning, code analysis, and compliance checks
• Automation and Scripting: Develop automation scripts and tools to streamline repetitive tasks, improve efficiency, and reduce manual errors in the software development and deployment processes and incorporate compliance checks in the pipeline
• Cloud Security: Implement and enforce security best practices for cloud environments, ensuring robust protection of cloud resources and data
• Collaboration & Communication: Work closely with development, operations, and security teams to foster a security-first mindset and ensure effective communication and collaboration across all stages of the DevSecOps pipeline
• Documentation: Develop and document standard operating procedures and other supporting documentation.

• Project Supports and Mentorship: Provide work estimates and status reports, maintain interaction to ensure assigned tasks are prioritized. Mentor junior engineers and prepare them to be the next generation of technology leaders.

Qualifications

• Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Electrical Engineering or equivalent
• 7+ years of experience in DevOps with a emphasis on security, preferably prior experience in embedded product development
• Proficiency with DevSecOps tools and technologies such as Jenkins, GitLab, Docker, Kubernetes, Ansible, Terraform, Artifactory
• Good knowledge of cloud platforms (AWS, Azure, GCP) and their security configurations.
• Experience in build and maintain automation playbook using some of these automation technologies such as ansible, python, PowerShell, Chef (ruby) Terraform (HCL), groovy, JavaScript, and other scripting programming.
• Hand-on experience in designing, developing and migrating CI/CD pipelines
• Experience in VMware virtualization products such as VMware vSpher, VMware ESXi and VMware vCenter
• Knowledge of security frameworks and standards (e.g., OWASP, NIST, IEC 62443)
• Good understanding of network security, data encryption techniques, and secure coding practices
• Excellent understanding of Software Development Life Cycle, Continuous Integration and Continuous Delivery
• Good problem-solving skills and ability to think creatively to find solutions to complex problems
• Ability to collaborate effectively with cross-functional teams, including developers, test engineers, and business stakeholders
• Good communication skills, both verbal and written, with the ability to explain technical concepts to non-technical stakeholders
• Ability to manage time effectively and prioritize tasks to meet deadlines
• Flexibility and adaptability to changing priorities and requirements
• Attention to detail and a commitment to producing high-quality work
• Comfortable with Agile methodologies

Charles, Lau Ngie Hao License No.: 02C3423 Personnel Registration No.: R1656741

Please note that your response to this advertisement and communications with us pursuant to this advertisement will constitute informed consent to the collection, use and/or disclosure of personal data by ManpowerGroup Singapore for the purpose of carrying out its business, in compliance with the relevant provisions of the Personal Data Protection Act 2012. To learn more about ManpowerGroup's Global Privacy Policy, please visit https://www.manpower.com.sg/privacy-notice.