DevSecOps Consultant
Sopra SteriaSingapore17 hours ago
Full-timeOther
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Company:
Sopra Steria is a listed European tech leader specializing in Consulting, Digital Services, and Software. With 60,000 employees worldwide across Europe, North America and Asia, Singapore serves as the HQ for our APAC operations. We focus on delivering Infrastructure, Cloud and Cybersecurity services across the region.
Description:
For this project, we are forming a team of 6 (including 1 team lead) to assist in a huge upcoming government project to perform the following scope of works:
(i) Security Risk Assessment
(ii) Security Policies, Standards, Guidelines, And Procedures Review
(iii) Security Design
(iv) Application Security
(v) Vulnerability assessment and
(vi) System Security Acceptance Testing
(vii) Cloud Security
The selected candidate will be working collaboratively within the team to fulfil the project requirements. As such, there is no expectation for one individual to possess all skill sets in the 6 domains.
As a expert in DevSecOps, your role will focus on providing expert advice, conducting security assessments, and helping government teams build security into every stage of their software development lifecycle.
Responsibilities:
Sopra Steria is a listed European tech leader specializing in Consulting, Digital Services, and Software. With 60,000 employees worldwide across Europe, North America and Asia, Singapore serves as the HQ for our APAC operations. We focus on delivering Infrastructure, Cloud and Cybersecurity services across the region.
Description:
For this project, we are forming a team of 6 (including 1 team lead) to assist in a huge upcoming government project to perform the following scope of works:
(i) Security Risk Assessment
(ii) Security Policies, Standards, Guidelines, And Procedures Review
(iii) Security Design
(iv) Application Security
(v) Vulnerability assessment and
(vi) System Security Acceptance Testing
(vii) Cloud Security
The selected candidate will be working collaboratively within the team to fulfil the project requirements. As such, there is no expectation for one individual to possess all skill sets in the 6 domains.
As a expert in DevSecOps, your role will focus on providing expert advice, conducting security assessments, and helping government teams build security into every stage of their software development lifecycle.
Responsibilities:
- Perform comprehensive risk assessments of development environments, DevOps workflows, and CI/CD processes.
- Review and recommend improvements in areas such as identity and access management, network security, secure SDLC practices, source code management, cryptographic key handling, and data protection.
- Guide application teams on adopting secure development practices and integrating security tools such as SAST, DAST, and VAPT into their workflows.
- Review existing CI/CD pipelines from a security perspective and provide expert recommendations to align with DevSecOps principles.
- Mentor and advise internal teams on secure coding practices across various platforms and languages (e.g., JavaScript, Node.js, Java, C#, Python, etc.).
- Support the development and enforcement of application security policies, standards, and procedures
- Strong experience in DevSecOps with a solid foundation in cybersecurity and risk assessment.
- Hands-on knowledge of secure software development lifecycle (SSDLC) principles and tools.
- Familiarity with integrating security testing tools and practices within CI/CD environments.
- Experience with secure coding and vulnerability assessments across common web and mobile technologies.
- Ability to work with and guide development teams without being directly involved in implementation
- Excellent communication skills and the ability to translate complex security requirements into practical advice
- Regular team buildings
- 18 leave days / year
- Insurance: GP, Hospitalisation, Dental and Optical
- Annual bonus
- Working hours: from 8:30am to 6pm, Monday to Friday
- Training and certifications paths
Key Skills
Ranked by relevanceReady to apply?
Join Sopra Steria and take your career to the next level!
Application takes less than 5 minutes