Full Scale

Staff DevSecOps Engineer

Posted 10 Hours Ago

Be an Early Applicant

Hiring Remotely in Philippines, Autonomous Region in Muslim Mindanao, PHL

Remote

Expert/Leader

Information Technology • Professional Services • Software • Consulting

The Role

Lead improvements to cloud and software delivery security across Azure and AKS. Secure CI/CD, containers, secrets, and infrastructure as code; manage vulnerabilities, least-privilege access, and audit readiness while partnering with engineering, IT, product, quality, and compliance teams.

Summary Generated by Built In

This is a remote position.

Join one of the Philippines' fastest-growing tech companies. Open to Philippine-based candidates only, with required overlap with US Central business hours.

About Us

Full Scale is a fully remote-first company that helps businesses build dedicated teams of skilled software engineers. We make it easier for growing companies to find, onboard, and retain high-performing software talent.

About the Role

We are looking for a Staff DevSecOps Engineer to help strengthen the security of our software delivery lifecycle, cloud infrastructure, and production environment.
This is a senior individual contributor role with direct visibility to leadership and broad cross-functional influence. You will work closely with engineering, IT, product, quality, and compliance teams to improve CI/CD security, software supply chain security, Azure and AKS security posture, infrastructure security baselines, vulnerability management, privileged access controls, and technical audit readiness.
This role is ideal for someone who is highly hands-on, practical, and comfortable driving security improvements across cloud platforms, Kubernetes, identity systems, pipelines, and production workflows.

Key Responsibilities:

10+ years of experience in DevOps, SRE, platform engineering, cloud security, security engineering, or related infrastructure roles
5+ years of experience in DevSecOps, cloud security, application security, or production security engineering
Deep hands-on experience with Azure, including AKS, Entra ID, networking, storage, Azure SQL, secrets management, monitoring, and access controls
Strong experience securing CI/CD pipelines, dependencies, containers, secrets, and shift-left security tooling
Hands-on Kubernetes and container security experience, including workload identity, network controls, and runtime hardening
Experience with infrastructure as code using Terraform, Bicep, or similar tooling
Scripting skills in Python, Go, Bash, PowerShell, or a similar language
Strong vulnerability management experience with practical risk-based prioritization
Experience with least-privilege and just-in-time production access models
Ability to work directly with engineering teams, influence without authority, and drive work independently
Strong written communication skills for documentation, findings, exceptions, and audit evidence

Requirements

8+ years of experience in DevOps, SRE, platform engineering, cloud security, security engineering, or related infrastructure roles
5+ years of experience in DevSecOps, cloud security, application security, or production security engineering
Deep hands-on experience with Azure, including AKS, Entra ID, networking, storage, Azure SQL, secrets management, monitoring, and access controls
Strong experience securing CI/CD pipelines, dependencies, containers, secrets, and shift-left security tooling
Hands-on Kubernetes and container security experience, including workload identity, network controls, and runtime hardening
Experience with infrastructure as code using Terraform, Bicep, or similar tooling
Scripting skills in Python, Go, Bash, PowerShell, or a similar language
Strong vulnerability management experience with practical risk-based prioritization
Experience with least-privilege and just-in-time production access modelsAbility to work directly with engineering teams, influence without authority, and drive work independentlyStrong written communication skills for documentation, findings, exceptions, and audit evidence

Nice to Have

Experience in regulated or high-assurance environments such as HIPAA, SOC 2, ISO 13485, ISO 27001, FDA-regulated software, healthcare SaaS, or fintech
Experience with SaMD, FDA QMSR, ISO 13485/MDSAP, or validated software development environments
Familiarity with Aikido, CrowdStrike, Vanta, New Relic, or similar tools
Experience with SAML, OIDC, SCIM, SSO, MFA, Conditional Access, PIM, and access reviews
Experience with Azure Policy, Defender for Cloud, Sentinel, Log Analytics, Key Vault, managed identities, and workload identity
Experience with GitHub Actions, Azure DevOps, Playwright, TUnit, or similar tooling
Experience with threat modeling, architecture reviews, incident response, disaster recovery, or ransomware resilience
Relevant certifications such as Azure Security Engineer Associate, CKS, CCSP, or CISSP

Benefits

Why Join Us

Fully remote work setup
Work from anywhere in the Philippines
High-impact role with strong ownership and leadership visibility
Opportunity to shape secure engineering standards and cloud security practices
Work on meaningful infrastructure, platform, and software security challenges
Collaborate with a high-performing team that values trust, ownership, and technical excellence

Skills Required

8+ years in DevOps, SRE, platform engineering, cloud security, or related infrastructure roles
5+ years in DevSecOps, cloud security, application security, or production security engineering
Deep hands-on experience with Azure (AKS, Entra ID, networking, storage, Azure SQL, monitoring, access controls)
Strong experience securing CI/CD pipelines, dependencies, containers, secrets, and shift-left tooling
Hands-on Kubernetes and container security experience (workload identity, network controls, runtime hardening)
Experience with infrastructure as code using Terraform, Bicep, or similar tooling
Scripting skills in Python, Go, Bash, PowerShell, or similar
Strong vulnerability management with risk-based prioritization
Experience with least-privilege and just-in-time production access models
Ability to work directly with engineering teams, influence without authority, and drive work independently
Strong written communication skills for documentation, findings, exceptions, and audit evidence
Familiarity with CI/CD platforms such as GitHub Actions or Azure DevOps
Experience with SAML, OIDC, SCIM, SSO, MFA, Conditional Access, PIM, and access reviews
Experience with Azure Policy, Defender for Cloud, Sentinel, Log Analytics, Key Vault, managed identities, and workload identity
Experience in regulated or high-assurance environments (HIPAA, SOC 2, ISO 27001, FDA, fintech)
Familiarity with tools like CrowdStrike, Vanta, New Relic, Aikido
Experience with threat modeling, architecture reviews, incident response, disaster recovery, or ransomware resilience
Relevant certifications such as Azure Security Engineer Associate, CKS, CCSP, or CISSP
Experience with testing/automation tooling (Playwright, TUnit)

View all jobs at Full Scale

View Full Scale Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

322 Employees

Year Founded: 2018

What We Do

Full Scale is an offshore development company that provides vetted software engineering teams from the Philippines. Founded in 2018, it solves traditional offshoring problems like high turnover and inconsistent quality by employing a full-time employment model and a respect-first culture, helping businesses scale their technical teams with high-quality developers who think like product owners.