SOFTWARE ENGINEER (DevSecOps)

Key Responsibilities Cloud & Platform Engineering • Design, deploy, and maintain cloud infrastructure on Government‑approved cloud platforms (Azure preferred; AWS GovCloud / Hybrid where applicable). • Implement Infrastructure as Code (IaC) using Terraform, ARM, Bicep, or CloudFormation. • Design and operate container platforms using Docker and Kubernetes. • Ensure compliance with availability, backup, disaster recovery, and capacity planning requirements. DevSecOps & Automation • Design and maintain CI/CD pipelines aligned with Government SDLC and change governance processes. • Integrate security controls into pipelines (shift‑left security). • Automate- • Build and deployment • Security scanning • Compliance checks • Environment provisioning • Support multi‑environment deployment (DEV / SIT / UAT / PROD) with proper approvals and segregation. Security & Compliance (Core Focus) • Implement DevSecOps practices across cloud, infrastructure, and applications. • Ensure adherence to - • IM8 / IM8‑aligned Government security controls • PDPA and data protection requirements • Government cloud security baselines • Manage secrets, certificates, and keys using approved secret management services. • Maintain audit trails, logs, and evidence for security reviews and audits. • Support and remediate findings from VAPT and security assessments. Governance & Stakeholder Collaboration • Work with government stakeholders, vendors, and security teams. • Comply with - • Change Management • Security review processes • Deployment and release governance • Prepare and maintain- • Architecture documents • Runbooks and SOPs • Security and compliance documentation Mandatory Skills & Experience Cloud & DevOps • Strong hands‑on experience in Cloud DevOps / DevSecOps roles. • Experience with Azure Cloud (Gov projects preferred). • Strong knowledge of CI/CD tools (Azure DevOps, GitHub Actions, Jenkins, GitLab). • Hands‑on experience with Docker and Kubernetes. • Infrastructure as Code expertise. • Experience managing multi‑environment deployments. Security • Strong understanding of cloud security principles. • Experience implementing security controls in CI/CD pipelines. • Familiarity with secure configuration, network security, IAM, and encryption. • Experience working in regulated or government environments. Tools & Platforms • Git‑based version control. • Monitoring/logging tools (Azure Monitor, Prometheus, ELK, etc.). • Knowledge of Linux and scripting (Bash, PowerShell, Python).