DevSecOps Engineer
DevSecOps Engineer
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
Job description
About WhiteCoat
WhiteCoat () is a regional digital healthcare provider founded and headquartered in Singapore which has established itself as a trusted partner and leading provider in the digital healthcare space across Southeast Asia. WhiteCoat offers on-demand telemedicine services and other services through innovation and data-driven technology.
WhiteCoats core services include primary care tele-consultations chronic disease management health screening services and home-based medical services. As a digital healthcare leader WhiteCoat partners insurance providers conglomerates and other private government and financial organisations to spearhead the way for wider access to affordable healthcare across the region.
What you will be doing
We are looking for a DevSecOps Engineer to help build secure and automate WhiteCoats digital infrastructure while maintaining our ISO 27001-certified Information Security Management System (ISMS). As a DevSecOps Engineer you will work closely with our engineering QA and compliance teams while being mentored by senior technical leads. This role reports to Director Technical Programme (WhiteCoats DevSecOps Lead).
On a day-to-day basis this means you will:
Maintain and optimise CI/CD pipelines for microservices mobile apps and infrastructure-as-code (IaC) using GitHub Actions GitLab CI Terraform and Helm.
Automate AWS environment provisioning and patching across dev staging and production enforcing least privilege through IAM and policy management.
Monitor and respond to system alerts via CloudWatch GuardDuty and Wazuh; lead incident response calls conduct post-mortems and refine response playbooks.
Enforce change management controls and safe deployment practices in line with internal security policies.
Maintain and continuously improve our ISMS including ISO 27001 documentation risk treatment plans and corrective action tracking.
Review and update security policies such as Access Control Cryptography MDM and Third-Party Risk on a regular basis.
Conduct periodic risk assessments vendor reviews and internal audits; prepare for external ISO surveillance audits.
Lead quarterly security awareness training and deliver onboarding briefings to new team members.
Prepare and present monthly security KPIs and audit updates to technical and business leadership.
Our Benefits
Make a Real Impact: Opportunity to contribute to a leading digital health companys rapid growth.
Fast-paced Start-up Environment: Experience an environment where you get to own and make tangible impact without bureaucracy getting in the way of rapid decision-making.
Great Team: Collaborate with intelligent friendly and supportive professionals from diverse backgrounds.
Hands-on Learning & Growth: Dual-track mentorship in DevOps and InfoSec with exposure to a real-world ISO-certified environment.
Competitive Compensation & Benefits: Competitive compensation and performance-based bonus. Holistic health insurance for your peace of mind for both in-patient and out-patient coverage.
How to apply
If you believe you have what it takes for this role click Apply and join us on our journey to make a positive impact on the lives of people through innovative healthcare solutions!
Job requirements
What we are looking for
Required:
Experience with AWS core services (e.g. EC2 VPC IAM S3 RDS).
Proficiency with Terraform or CloudFormation for infrastructure-as-code.
Familiarity with Linux systems and scripting in Bash or Python.
Working knowledge of ISO 27001 controls and awareness of PDPA/GDPR principles.
Strong communication skillsespecially for writing post-incident reports audit findings and policy documentation.
Good to have:
Diploma or Bachelors degree in Computer Science Information Security Engineering or a related discipline.
03 years of experience in DevOps SysAdmin or Security roles (internships included). We are open to fresh graduates with relevant security experiences.
AWS Cloud Practitioner certification or ability to obtain it within 6 months of joining.
Proficiency with Docker/Kubernetes.
Experience with SIEM tools such as Wazuh ELK and Splunk.
Experience with vulnerability management (e.g. SCA container scanning Nessus).
CompTIA Security AWS Security Specialty or ISO 27001 Lead Implementer/ Auditor certs.
All done!
Your application has been successfully submitted!
Employment Type
Full-Time
