Senior DevSecOps Engineer

The role. 

We are looking for an engaged and passionate DevOps (DevSecOps Focused) Engineer who is excited by the opportunity to help build systems for our clients while being an important part of our fast-growing Singapore office. At Zuhlke Singapore, we take on innovative projects across many industries and you’ll play a critical role in working closely with clients to develop, test, ship, and run software that meets their needs. You will contribute to the success of our clients while also rapidly learning and further developing your own skills.  

DevSecOps / Security Enablement 

• Embed security controls in CI/CD pipelines (e.g., SAST, DAST, dependency checks, container scans). 

• Automate enforcement of security policies (e.g., secret detection, SBOM generation, license policy gates). 

• Collaborate with DOE Lead and CISO to implement compliance controls (NIST, GovTech standards).Integrate tools like SonarQube, Trivy, Snyk, Checkov, or custom scanners into pipelines. 

• Maintain infrastructure hardening and secure baseline templates (e.g., CIS benchmarks, AMI/Container baselines). 

• Co-own audit and logging configurations (e.g., CloudTrail, Security Hub, WAF logs, GuardDuty alerts). 

Cloud Infrastructure & CICD Operations 

• Maintain and improve secure, automated CI/CD pipelines. 

• Define IaC security validation steps (e.g., Terraform policy-as-code with OPA or Checkov).

• Implement backup, DR, and secrets management workflows in alignment with platformguardrails. 

• Support runtime observability with secure logging and alerting pipelines (e.g., ELK/Opensearch, Prometheus, Grafana).

Day 2 Operations Collaboration 

• Support vulnerability triage and incident response processes. 

• Maintain operational runbooks with security context for SRE rotations. 

• Contribute to secure service rollout (mTLS, ALB/NLB policies, header validations, etc.). 

• Collaborate to address hardening gaps in Day 2 operations. 

What’s important to us. 

• At least 3 years of combined DevOps/Security Engineering experience. 

• Hands-on experience in securing AWS cloud infrastructure (IAM, KMS, GuardDuty, WAF). 

• Hands-on experience in commercial security tools (Next GEN Firewalls, Database Activity Monitoring). 

• Proven experience integrating security checks into GitOps / CI pipelines (e.g., GitLab CI, GitHub Actions, Jenkins). 

• Solid experience with container security: Docker image scanning, Kubernetes RBAC, admission controllers. 

• Proficiency in scripting (Bash, Python, or similar) for automation. 

• Familiarity with compliance requirements: NIST 800‑53, CIS benchmarks. 

• Strong diagnostic skills, especially in cloud networking, TLS configurations, and log analysis. 

• Experience with IaC (Terraform/Helm), GitOps, and configuration management. 

• Bonus: Experience conducting or responding to security audits or VAPT findings. 

What we offer 

• Work life blend: we offer a safe & healthy workplace, with flexible working hours and the possibility to work from home 

• Profit share scheme: In addition to your annual salary, you may receive a profit share defined by the company’s success in the previous year 

• Global and Diverse Zühlke community: witness how colleagues from all our 17 offices across the globe come together to create a unique, positive and inclusive work culture, learning from one another at annual team camps, and celebrating year-end parties and other local festivities. 

• Committed to development: we are committed to the growth of our people and are investing in your development. We’re empowering you to build the skills you need to make a positive impact, both personally and for our clients, today and in the future.