Title:  Engineer, DevSecOps

Role Overview

We are seeking a DevSecOps Engineer to design, secure, and operate the delivery pipelines and runtime platforms for Smart MRO digital products. This role sits at the intersection of software delivery, infrastructure, and cybersecurity, supporting deployments across regulated environments while ensuring security, reliability, and operational readiness for long‑term support under Group IT ownership.

Key Responsibilities:

CI/CD & Platform Engineering

• Design, implement, and maintain CI/CD pipelines for Smart MRO digital products using GitLab CI/CD and Docker containerisation.
• Standardise build, test, and deployment pipelines to support secure, repeatable releases across environments.

Security, Compliance & Governance

• Coordinate closely with Group IT, DPS Cybersecurity, and relevant stakeholders to support deployments across enterprise and standalone environments.
• Lead and support security reviews with GISO, including documentation, remediation tracking, and clearance approvals.
• Embed security controls into the Software Development Life Cycle (SDLC), including vulnerability scanning, secrets management, and secure configuration baselines.

Core Platform Ownership

• Own and maintain the core platform architecture, including:
• Web and reverse‑proxy components (e.g., NGINX)
• Container runtime and orchestration (Docker‑based)
• SSL/TLS certificate management and secure endpoint configuration
• Ensure platform stability, performance, and operational visibility.

Operations Readiness (Day‑2)

• Plan and execute the transition from project delivery to Day‑2 operations and maintenance under Group IT ownership.
• Document operational procedures, runbooks, and support models to ensure smooth handover and long‑term maintainability.

Resilience & Continuity

• Establish and ensure Disaster Recovery (DR) and Business Continuity Management (BCM) practices are designed, tested, and maintained.
• Support risk assessments and remediation plans for availability, recoverability, and service resilience.

Data Exchange & Integration

• Design and develop secure data exchange pipelines with external authorities and stakeholders
• Ensure data transfers comply with security, governance, and regulatory requirements, including encryption, access controls, and auditability.

Job Requirements:

• Degree in Computer Science, Computer Engineering, or IT-related fields
• Require 2-3 years of relevant experience in DevOps, DevSecOps, or infrastructure/platform engineering
• Technical Skills (Familiarity with common DevSecOps stacks):
  • CI/CD: GitLab CI/CD pipelines (build, test, deploy automation)
  • Containerisation: Docker, container orchestration
  • Web/Proxy: NGINX or similar reverse-proxy and SSL/TLS certificate management
  • OS/Infra: Linux system administration (RHEL/CentOS preferred)
  • Security: Vulnerability scanning, secrets management, secure configuration baselines (e.g., CIS benchmarks)
• Familiarity with disaster recovery (DR) and business continuity management (BCM) practices is a plus
• Beyond Technical Skills, we value candidates who are able to work across software delivery, infrastructure, and cybersecurity, particularly in secure, on-premises deployment environments. The ability to document operational procedures, runbooks, and support models for handover to Day-2 operations is important.
• Open to Singapore Citizens only.

Work Location:

• 540 Airport Road (Paya Lebar)