DevSecOps Engineer - A26187

Activate Interactive Pte Ltd (“Activate”) is a leading technology consultancy headquartered in Singapore with a presence in Malaysia and Indonesia. Our clients are empowered with quality, cost-effective, and impactful end-to-end application development, like mobile and web applications, and cloud technology that remove technology roadblocks and increase their business efficiency.

We believe in positively impacting the lives of people around us and the environment we live in through the use of technology. Hence, we are committed to providing a conducive environment for all employees to realize their full potential, who in turn have the opportunity to continuously drive innovation.

We are searching for our next team members to join our growing team.

If you love the idea of being part of a growing company with exciting prospects in mobile and web technologies that create positive impact on people’s lives, then we would love to hear from you.

This is a 12 months fixed term contract role.

What will you do?

• Design, implement, and manage CI/CD pipelines using GitLab to support continuous integration, delivery, and deployment
• Execute routine infrastructure tasks with minimal errors
• Develop automation for recurring tasks with a focus on reuse and modularity
• Use Terraform for infrastructure-as-code across deployments and changes
• Independently deploy and configure complex systems and infrastructure components using IaaS, PaaS, and SaaS technologies across cloud environments, ensuring alignment with functional, security, and policy requirements
• Develop implementation-ready architecture and configuration plans covering compute, storage, network, identity, security, and management systems
• Develop and maintain automated scripts and tools to enhance DevSecOps processes including SCA and container scanning
• Manage and optimize AWS services including ECS, ECR, Aurora, WAF, Network Firewall, Transit Gateway, ALB, and NLB, etc.
• Implement security best practices in cloud environments, focusing on identity management, logging, monitoring, and incident response
• Embed security practices throughout the software development lifecycle in collaboration with development and operations teams
• Conduct regular security assessments, vulnerability scans, and penetration tests to identify and remediate weaknesses
• Contribute to building reliable monitoring, alerts, and observability setups (including Application Performance Monitoring); use data and analytics to troubleshoot and improve systems
• Apply SRE concepts including error budgets, toil reduction, and SLI/SLO definitions in daily work
• Drive infrastructure tasks from planning to completion independently; proactively fix or escalate issues before they worsen
• Monitor and validate the impact of your work in production and POCs, incorporating user feedback and resolving issues promptly
• Communicate risks early and propose solutions to team leads
• Good to Have: Knowledge in MS Entra, MS Graph API, AWS Lambda (Python Serverless)