DevSecOps Engineer (Consultant)

About the Role:

We are a growing technology team within the government sector building next-generation Generative AI systems and applications. We are looking for an experienced DevSecOps Engineer to take ownership of our cloud infrastructure, security posture, deployment pipelines, and system reliability.

In this role, you will act as the primary custodian of our cloud infrastructure. You will serve as the crucial bridge between development and production environments, managing our current AWS-based setup while leading our evolution toward modern container orchestration. This is an excellent opportunity for an infrastructure professional who thrives on ownership, robust security, and building scalable platforms for AI workloads.

Key Responsibilities:

·       Cloud Infrastructure Ownership: Manage and scale our AWS cloud environments. Maintain our existing containerized workloads (AWS ECS) while planning, architecting, and executing an upcoming migration to Kubernetes (AWS EKS).

·       AWS Ecosystem Administration: Provision, configure, and manage essential AWS services supporting our applications. This includes managed relational databases (RDS PostgreSQL), search/analytics (OpenSearch), AI services (Bedrock), and networking/load balancing (ELB).

·       Security, Access & Network Control: Enforce robust security practices using enterprise tools (AWS WAF, GuardDuty, Firewalls). Manage IAM and RBAC to maintain strict separation of duties. Navigate and manage infrastructure within restricted, enterprise-controlled network environments (e.g., strict subnet isolation).

·       Production Reliability & DR: Act as the primary gatekeeper for production systems. Establish comprehensive observability (CloudWatch), lead incident response for infrastructure issues, and manage system backups and Disaster Recovery (DR) strategies.

·       CI/CD & Automation: Administer and optimize our GitLab CI/CD pipelines. Ensure automated security scanning (SAST/DAST, dependency checks) is seamlessly integrated. Explore opportunities to implement Infrastructure as Code (IaC) to automate future deployments.

·       Compliance & Vulnerability Management: Manage vulnerability patching, coordinate regular penetration testing, and remediate findings. Collaborate with Project Managers to support compliance processes, provide necessary technical documentation and ensuring infrastructure aligns with enterprise security standards.

·       Vendor Transition: Work closely alongside existing external vendors to map the current architecture, reverse-engineer undocumented configurations, and safely transition infrastructure operations fully in-house.

Qualifications:

·       Experience: 3 to 5+ years of hands-on experience in DevOps, DevSecOps, Cloud Engineering, or similar roles, ideally functioning as a primary infrastructure owner.

·       Cloud & Containers: Strong proficiency in AWS infrastructure and networking. Practical experience managing AWS ECS, with the knowledge required to set up and administer Kubernetes (EKS).

·       Security & Networking: Deep understanding of secure network architecture, IAM, vulnerability management, and patching in strict, production-grade or restricted-egress environments.

·       CI/CD Tools: Solid experience building and maintaining CI/CD pipelines (GitLab preferred).

·       Operational Readiness: Proven experience with system monitoring, logging, production troubleshooting, and managing backups/DR.

Bonus Points:

·       Regulated Environments: Experience working with Singapore Government Commercial Cloud (GCC) and IM8 policies, or similar strict compliance frameworks (e.g., in banking/finance).

·       Infrastructure as Code: Experience with Terraform, AWS CloudFormation, or Ansible.

·       Modern Workflows: Familiarity with hosting or supporting AI/Machine Learning workloads, and an openness to utilizing AI-assisted coding tools.