Senior DevSecOps Engineer

Job description

Summary

We’re hiring multiple roles in Malaysia and Indonesia for existing software products development.

Those who are passionate about cutting-edge technology and cloud security, please reach out to our Talent Acquisition at talent@develab.io

Key Responsibilities

• Implement and operate AWS Cloud Platform Engineering Foundational Services such as account management, cost management, networking, and access control.
• Configure and manage AWS services like AWS Organizations, VPC, CloudFormation, Security Hub, Config, GuardDuty, etc.
• Provide visibility into end-to-end operational and monitoring metrics to product teams, enabling the 'you build it, you run it' model.
• Build AWS resources using Infrastructure as Code with Terraform.
• Work with vendors, users, and product teams to continuously improve AWS cloud-based services delivery.
• Establish and enforce governance and security controls.
• Define technical requirements to meet functional and business SLAs.
• Document technical requirements, issue resolution steps, and runbooks for operational use.
• Develop DevSecOps culture by building, testing, packaging, releasing, and deploying infrastructure as code.
• Automate security checks in CI/CD pipelines.
• Conduct vulnerability assessments on software and infrastructure.
• Develop and implement security policies and procedures.
• Respond to security incidents and coordinate remediation with other teams.
• Monitor security dashboards and alerts to identify potential threats.
• Automate deployment pipelines with security features.
• Utilize cloud infrastructure security tools to secure public cloud environments.

Qualifications

• Bachelor’s degree in IT with excellent academic results (minimum CGPA 3.0 or equivalent).
• Minimum 5 years of experience with AWS Cloud Services such as AWS Organization, EC2, RDS, S3, and AWS Backup.
• Experience in operation and security automation.
• Proficiency in Infrastructure as Code (Terraform).
• Programming with scripting languages such as JavaScript, Bash, Python, or Shell scripting.
• Hands-on experience with DevOps tools like GitLab and AWS CodeDeploy.
• Knowledge of cloud security and compliance frameworks.
• Experience with Kubernetes or other container technologies.
• Familiarity with RDBMS (Oracle, SQL Server, MongoDB, PostgreSQL).
• Experience working in collaborative, matrix-structured, or multinational environments.
• Strong understanding of SDLC, security principles (integrity, confidentiality, availability), and best practices.
• Solid grasp of DevOps principles, including CI/CD, automation, and collaboration.

Must have technical skills

• AWS Cloud Services (EC2, RDS, S3, AWS Organization, AWS Backup)
• Infrastructure as Code (Terraform)
• Security automation and vulnerability assessment
• Scripting (JavaScript, Bash, Python, Shell)
• DevOps tools (GitLab, AWS CodeDeploy)
• Cloud security & compliance
• Kubernetes or container technology
• RDBMS (Oracle, SQL Server, MongoDB, PostgreSQL)

Must have soft skills

• Good command of English, both verbal and written
• Effective communication across business and IT teams
• Strong teamwork and knowledge-sharing attitude
• Active listening and empathy to understand business needs
• Conflict resolution through constructive discussions

Good to have soft skills

• Passion for continuous learning and improvement in DevSecOps
• Experience in multinational or matrix organizations
• Ability to mentor and promote DevSecOps culture within teams