DevSecOps Engineer

About Capgemini Capgemini is an AI-powered global business and technology transformation partner, delivering tangible business value. We imagine the future of organizations and make it real with AI, technology and people. With our strong heritage of nearly 60 years, we are a responsible and diverse group of over 420,000 team members in more than 50 countries. We deliver end-to-end services and solutions with our deep industry expertise and strong partner ecosystem, leveraging our capabilities across strategy, technology, design, engineering and business operations. The Group reported 2025 global revenues of €22.5 billion. About The Role We are looking for an experienced DevSecOps Engineer to take ownership of the cloud infrastructure, security posture, deployment pipelines, and system reliability. In this role, you will act as the primary custodian of the cloud infrastructure. You will serve as the crucial bridge between development and production environments, managing the current AWS-based setup while leading the evolution toward modern container orchestration. This is an excellent opportunity for an infrastructure professional who thrives on ownership, robust security, and building scalable platforms for AI workloads. Key Responsibilities • Cloud Infrastructure Ownership: Manage and scale the AWS cloud environments. Maintain the existing containerized workloads (AWS ECS) while planning, architecting, and executing an upcoming migration to Kubernetes (AWS EKS). • AWS Ecosystem Administration: Provision, configure, and manage essential AWS services supporting the applications. This includes managed relational databases (RDS PostgreSQL), search/analytics (OpenSearch), AI services (Bedrock), and networking/load balancing (ELB). • Security, Access & Network Control: Enforce robust security practices using enterprise tools (AWS WAF, GuardDuty, Firewalls). Manage IAM and RBAC to maintain strict separation of duties. Navigate and manage infrastructure within restricted, enterprise-controlled network environments (e.g., strict subnet isolation). • Production Reliability & DR: Act as the primary gatekeeper for production systems. Establish comprehensive observability (CloudWatch), lead incident response for infrastructure issues, and manage system backups and Disaster Recovery (DR) strategies. • CI/CD & Automation: Administer and optimize the GitLab CI/CD pipelines. Ensure automated security scanning (SAST/DAST, dependency checks) is seamlessly integrated. Explore opportunities to implement Infrastructure as Code (IaC) to automate future deployments. • Compliance & Vulnerability Management: Manage vulnerability patching, coordinate regular penetration testing, and remediate findings. Collaborate with Project Managers to support compliance processes, provide necessary technical documentation and ensuring infrastructure aligns with enterprise security standards. • Vendor Transition: Work closely alongside existing external vendors to map the current architecture, reverse-engineer undocumented configurations, and safely transition infrastructure operations fully in-house. Qualifications • Experience: 3 to 5+ years of hands-on experience in DevOps, DevSecOps, Cloud Engineering, or similar roles, ideally functioning as a primary infrastructure owner. • Cloud & Containers: Strong proficiency in AWS infrastructure and networking. Practical experience managing AWS ECS, with the knowledge required to set up and administer Kubernetes (EKS). • Security & Networking: Deep understanding of secure network architecture, IAM, vulnerability management, and patching in strict, production-grade or restricted-egress environments. • CI/CD Tools: Solid experience building and maintaining CI/CD pipelines (GitLab preferred). • Operational Readiness: Proven experience with system monitoring, logging, production troubleshooting, and managing backups/DR. Bonus Points • Regulated Environments: Experience working with Singapore Government Commercial Cloud (GCC) and IM8 policies, or similar strict compliance frameworks (e.g., in banking/finance). • Infrastructure as Code: Experience with Terraform, AWS CloudFormation, or Ansible. • Modern Workflows: Familiarity with hosting or supporting AI/Machine Learning workloads, and an openness to utilizing AI-assisted coding tools. Let's talk about what's in it for you! Passionate people are Capgemini's Ace of Spades - join us to discover a career that will challenge, support and inspire you. Working at Capgemini you'll find the rewards are more than just financial. You will work alongside some very smart and inspiring people on exciting projects and you will also enjoy incredible benefits. We offer flexible work practices and 40 hours of self-development every year with a huge selection of learning opportunities to choose from. As 'Architects of Positive Futures', Capgemini actively supports the community in 3 ways: Diversity and Inclusion - we believe diversity of thought fuels excellenc...