Senior DevSecOps Engineer Jobs in Singapore
Close Search

    Senior DevSecOps Engineer

      Consultant:
      Grace Lim
      Job Reference No.
      Registration No.
      R1988923
      License No.
      16S8060
      Function
      Cybersecurity & GRC
      Industry
      Energy & Commodities

      We are looking for a hands-on Senior DevSecOps Engineer to embed security into build, deployment, and runtime environments across cloud and on-prem platforms. This role focuses on automation, secure-by-design pipelines, and cloud-native security, working closely with developers, platform engineers, and security teams to enable fast, safe delivery.

      This is a builder role, ideal for someone who enjoys automation, infrastructure, and security engineering, and wants to make security frictionless for engineering teams.

      Responsibilities:

      DevSecOps & CI/CD Security

      • Design, build, and maintain secure CI/CD pipelines with embedded security controls (SAST, SCA, secrets scanning, IaC scanning).

      • Integrate security checks into build and release pipelines while minimising developer friction.

      • Implement secure build, test, and release gates aligned to organisational risk appetite.

      Cloud & Platform Security

      • Support secure deployment and operations of applications across cloud environments (AWS / Azure / GCP).

      • Apply security best practices across IAM, networking, logging, monitoring, and encryption.

      • Work with container platforms (Docker, Kubernetes) to enforce runtime security and configuration hardening.

      Infrastructure as Code & Automation

      • Build and maintain Infrastructure as Code (IaC) using tools such as Terraform, ARM, CloudFormation, or similar.

      • Ensure IaC templates follow secure-by-default patterns and are auditable and reusable.

      • Automate security configuration and compliance checks where possible.

      Security Tooling & Observability

      • Integrate and tune security tools (e.g. SAST, DAST, SCA, CSPM, container scanning).

      • Improve visibility through logging, metrics, and monitoring for security-relevant events.

      • Support incident response by providing pipeline, deployment, and runtime insights.

      Collaboration & Enablement

      • Partner closely with software engineers, platform teams, and security architects.

      • Provide practical guidance to developers on secure coding, pipeline usage, and remediation.

      • Contribute to documentation, standards, and reusable DevSecOps patterns.

      Requirements:

      • 3-10 years of hands-on experience in DevOps, DevSecOps, or Security Engineering roles.

      • Strong experience with CI/CD pipelines (GitHub Actions, GitLab CI, Azure DevOps, Jenkins, etc.).

      • Solid understanding of cloud platforms (AWS, Azure, or GCP).

      • Experience with containers and orchestration (Docker, Kubernetes).

      • Familiarity with security tooling such as SAST, SCA, secrets scanning, IaC scanning.

      • Good working knowledge of Linux, networking basics, and application deployment.

      To apply:

      If you’re interested to apply or find out more, please share across your CV or reach out to Chen Yi at cy@kerryconsulting.com for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.

      Reg: R1876389

      Lic: 16S8060

      Apply for this position
      Open positions from Grace Lim
      Client Partner, Cybersecurity Solutions

      Our client is a Global cybersecurity services firm specialising in high-end incident response, threat investigations, and cyber readiness. As they continue to expand across the region, they are seeking...

      View position
      Lead Cloud Architect (APAC), Global Manufacturing

      Overview
      Our client is a Global Manufacturing group with a strong presence across the APAC region. As part of its ongoing digital and cloud transformation, the organisation is...

      View position
      Vulnerability Management Lead (Tenable), Global Firm

      A leading global firm is looking for a Vulnerability Management Lead (Tenable) to champion a newly built capability and drive its strategic vision. In this high-visibility role, you will shape how vulnerability...

      View position
      Senior Incident Response Lead (Cyber)

      Kerry Consulting is currently partnering multiple organisations to hire for a Senior Incident Response Lead (Cyber). These newly created roles are pivotal in safeguarding the enterprise against evolving...

      View position
      DFIR Specialist, Public Institution

      Kerry Consulting is partnering a Public Institution to hire for a DFIR Specialist (Cat1 Security Clearance is required). You will support daily security operation and lead technical investigations involving...

      View position
      Cyber Threat Detection Analyst (West)
      A global firm is looking to hire a Cyber Threat Detection Analyst to join its international cyber intelligence and response operations. Operating across multiple regions in a 24/7 follow-the-sun model,...
      View position