N

Senior DevSecOps Engineer - Part-Time

salary Salary :

$7,000 - 10,000 monthly

Job Description - Senior DevSecOps Engineer - Part-Time

Job Summary:

The Senior AWS DevSecOps Engineer is responsible for embedding security controls throughout the Software Development Lifecycle (SDLC) and ensuring secure deployment of workloads across AWS cloud environments.

This role supports cloud migration and cloud-native deployments by implementing Shift-Left Security practices, conducting Infrastructure-as-Code (IaC) security reviews, automated security assessment by assessing security findings, validating compliance controls, and driving remediation efforts in collaboration with DevOps teams.

In addition, the role acts as the primary security advisor for cloud engineering teams, ensuring that AWS workloads, CI/CD pipelines, and deployment processes comply with security standards, compliance requirements, cloud security compliance frameworks and organizational governance requirements.

Key Responsibilities:

Shift-Left Security

· Embed security controls throughout the development and deployment lifecycle.

· Govern security implementation within GitLab.

· Review and assess CI/CD pipelines to ensure security gates are enforced.

· Conducting Terraform Infrastructure-as-Code (IaC) security reviews

· Integrate security validation activities into the deployment process.

· Promote secure-by-design and secure-by-default principles.

· Review software delivery processes and identify opportunities for security improvements.

. Terraform IaC Security Review

· Conduct secure code reviews for Terraform Infrastructure-as-Code deployments.

· Review and analyse generated by IaC scanning tools (Checkov, Terrascan).

· Identify excessive IAM permissions and privilege escalation risks.

· Assess network exposure and segmentation controls.

· Validate encryption-at-rest and encryption-in-transit configurations.

· Review logging and monitoring configurations.

· Identify security misconfigurations and hardening gaps.

· Provide remediation recommendations and validate fixes.

AWS Cloud Security Governance

· Review AWS architecture and security configurations.

· Assess AWS services including: IAM, AWS Config, Security Hub, GuardDuty, CloudTrail, KMS, Secrets Manager, VPC, Security Groups, EC2, S3

· Validate implementation of security best practices.

· Review cloud resource configurations against approved security baselines.

Vulnerability Management & Open Source Security

· Review findings generated by IaC scanning tools (CheckOv, Terrascan).

· Assess vulnerabilities identified in third-party libraries and dependencies.

· Review CVE alerts and vulnerability exposure.

· Perform risk prioritisation and remediation tracking.

· Validate remediation effectiveness and closure evidence.

· Assess residual risks and recommend compensating controls where required.

Security Governance, Compliance & Operational Assurance

· Lead cloud security governance across AWS environments by conducting compliance assessments against corporate compliance requirements (Cloudscape, Codescape, AWS Security Best Practices, and internal security standards).

· Perform security baseline reviews, AWS Config compliance assessments, and configuration drift monitoring.

· Review cloud workload and AMI hardening controls, identify compliance gaps, recommend corrective actions, and support audit and regulatory compliance activities.

· Provide security advisory to DevOps teams by analysing security findings, providing remediation recommendations, assessing security deviations, evaluating compensating controls, and documenting risk-based justifications where remediation is not immediately feasible.

· Support security operations through any form of significant security risks where necessary.

· Ensure security activities are delivered in accordance with project timelines by supporting change management, tracking remediation activities, monitoring security deliverables, conducting go-live readiness reviews, and driving continuous improvement of cloud security governance processes.

· Collaborate closely with DevOps Engineers, Cloud Engineers, Architects, Security Teams, Project Managers, and business stakeholders to provide technical guidance, facilitate knowledge transfer, document security standards and remediation outcomes, and strengthen overall cloud security capability within the project and operational teams.

Required Skills & Qualifications

· 5 years or more of experience in DevSecOps related work

· Hands-on experience with:

- GitLab and CI/CD pipeline administration

- Infrastructure as a Code using Terraform

- Familiar with AWS Security Services

- Familiar with Security scanning tools (SAST, DAST, SCA)

- Cloud security governance and compliance reviews

- Vulnerability managemeng and remediation activities

· Security policy enforcement and compliance

· Strong understanding of hybrid cloud architectures.

Key Competencies

· Strong troubleshooting and analytical skills in network and security domains.

· Ability to work in high-pressure, mission-critical environments.

· Good communication and stakeholder engagement skills.

· Attention to detail and strong documentation practices.

· Customer-focused mindset with commitment to service excellence.

Qualifications & Certifications

· Bachelor’s degree in IT, Computer Science, or related field (or equivalent experience).

· Preferred certifications:

- Hashicorp Terraform Associate

- AWS Certified Security

- AWS Certified Solutions Architect - Associate

- Security certifications (e.g., CCSP, Practical DevSecOps Professional (PDSP)) are advantageous

· Experience with cloud security architectures.

· Exposure to cloud security posture management.

Original job Senior DevSecOps Engineer - Part-Time posted on GrabJobs ©. To flag any issues with this job please use the Report Job button on GrabJobs.
Share Job
Share Job

About the Company

NTT SINGAPORE PTE. LTD.

NTT Singapore Pte Ltd (NTTS) is the regional headquarters of NTT Communications Corporation (NTT Com) for Asia Pacific Region. Established in 1997, NTT Singapore has more than 10 years of expertise in providing information and communications technology (ICT) solutions worldwide. NTT Singapore...

Read more about the company
💰

Technology Salaries

Similar Jobs in Singapore

GrabJobs is the no1 job portal in Singapore, connecting you to thousands of jobs fast! Find the best jobs in Singapore, apply in 1 click and get a job today!

Mobile Apps

Copyright © 2026 Grabjobs Pte.Ltd. All Rights Reserved.