The Clusters and Technology Management Office (CTMO) is spearheading the adoption of modern application delivery and security (AppSec) practices, standards and solution to enable our various application project/product teams to fundamentally improve quality, security and speed of delivery of their applications.
As a Senior DevOps Engineer, you will be a key member of our high performing team responsible for planning and execution of our application delivery modernisation workplan, standardisation of our application delivery and security practices and solutions.
You will also lead in the delivery of CI/CD/DevOps consultancy, training and project engagement with various application project/product delivery teams to enable them to adopt proper CI/CD practices using our SHIP/HATS (DevOps toolchain under Singapore Government Tech Stack).
As a Senior DevOps Engineer, you will have the following job scope and responsibilities:
- Lead in the execution of our Application Delivery Modernisation initiative to promulgate and hasten the adoption of modern application delivery and security practices (e.g. CI/CD, DevOps, “Shift Left” Security, Test Automation, …) to improve the overall application quality, security and time-to-implementation in a heavily outsource application development environment.
- Develop standard technical solutions, e.g. reference CI/CD pipelines, starter kits for test automation/AppSec, scripts for automation of common development and operation tasks to enable application teams to quickly embark on modern application delivery and security practices in a consistent and scalable manner.
- Lead in the delivery of consultancy services to agencies to help them overcome issues in modernising application delivery and security practices. It may entail solving both technical (e.g. recommending conformance to software devt best practices and related automation in CI/CD) and non-technical issues (e.g. advising agencies on the appropriateness and reasonableness of the modernisation proposal/quotation from their vendors).
- Perform security assessments for selected applications using a combination of tools and practices, which include risk assessment, vulnerability research, application security testing, remediation and false-positive advice.
- Degree in Computer Science, Electronic Engineering, Information Technology or equivalent.
- Passion for software delivery automation, standardisation and best practices.
- Passion for cybersecurity, specifically in the area of application security.
- Experience with CI/CD using Atlassian Bamboo, Jenkins, GitLab or other similar tools.
- Experience in application security review and testing such as SAST, SCA or DAST.
- Experience with scripting languages such as Bash, Python or Powershell.
- Experience in public cloud providers such as AWS, Azure or Google Cloud.
- Experience in software-defined infrastructure (e.g. OpenStack, CloudStack, VSphere).
- Possess one or more of these relevant certification, i.e. security: CISSP, CSSLP, CISA or OSCP; cloud: solution architect or devops certification from AWS, Azure or Google Cloud.
- Strong problem-solving and troubleshooting skills.
- Proactive self-starter with an analytical and creative mind.
- Result and customer oriented with multi-tasking capabilities.
- Excellent written, verbal communication, presentation and negotiation skills.
- Singapore citizen or PR only.