Thales Logo

Thales

DevSecOps Engineer

Posted 2 Days Ago
Be an Early Applicant
In-Office
Singapore, SGP
Mid level
In-Office
Singapore, SGP
Mid level
Design, build, and operate Azure-based cloud foundations and Kubernetes platform-as-a-service using IaC (Terraform/OpenTofu) and GitOps. Enable secure, self-service developer workflows, integrate CI/CD, security scanning, SBOMs, and observability, define SLIs/SLOs, run incident response and lifecycle upgrades, and support AI workload enablement.
The summary above was generated by AI
Location: Singapore, Singapore

Thales is a global technology leader trusted by governments, institutions, and enterprises to tackle their most demanding challenges. From quantum applications and artificial intelligence to cybersecurity and 6G innovation, our solutions empower critical decisions rooted in human intelligence. Operating at the forefront of aerospace and space, cybersecurity and digital identity, we’re driven by a mission to build a future we can all trust.

In Singapore, Thales has been a trusted partner since 1973, originally focused on aerospace activities in the Asia-Pacific region. With 2,000 employees across three local sites, we deliver cutting-edge solutions across aerospace (including air traffic management), defence and security, and digital identity and cybersecurity sectors. Together, we’re shaping the future by enabling customers to make pivotal decisions that safeguard communities and power progress.

Responsibilities

  • Cloud infrastructure as code
    • Build the cloud foundation in Terraform and OpenTofu, to a high standard. You design Azure infrastructure to be configurable, so the platform can provision clusters of different profiles, such as front-facing, data-oriented, and developer-oriented, from the same well-factored code.
    • You treat infrastructure as code as software: small, composable modules that assemble into a coherent foundation, with the versioning, review, and testing that keep them reliable and reusable. The desired state lives in Git, the platform reconciles it through GitOps, and drift is detected rather than discovered.
  • Platform engineering on Kubernetes
    • Build platform-as-a-service on that foundation and operate both the platform and the capabilities that run on it: observability, multi-tenancy, RBAC, governance, and FinOps.
    • Alongside the security controls that keep it sound, including Pod Security Standards and Admission, a zero-trust posture with workload-to-workload mTLS, and supply-chain integrity through image signing.
    • New initiative also includes enabling AI workloads, such as model serving and a governed AI gateway.
  • DevOps and golden paths
    • Work across teams to build the golden paths developers follow paved routes for build, test, and release that are efficient and enforce code quality and security by default, so the secure path is also the easy one.
    • You also build the services that support delivery, integrating testing, security scanning, SBOM generation, and observability into the pipeline, so pipeline health, runner configuration, and the state of the delivery system stay visible and well managed.
  • Developer self-service
    • Build the interfaces that let developers' provision what they need, such as team identity and access, correctly configured repositories, namespaces, and cluster resources, without the platform team becoming a bottleneck.
    • The goal is a platform that scales through self-service rather than manual requests, with every capability maturing toward being self-served or provided by default. You document these paths as you build them, so runbooks and golden-path guides are part of the deliverable.
  • Operate and keep it reliable
    • Own the platform at runtime, not just at provisioning. You define and measure the SLIs and SLOs for the capabilities you ship, write the runbooks that make failure recoverable, and lead incident response when the platform degrades.
    • You plan and run lifecycle work, such as cluster and component upgrades, with no data loss and minimal disruption to the teams on top, and when something breaks, you trace it to root cause and fix it accordingly.

REQUIREMENTS:

Education

  • Bachelor's degree in computer science, Information Technology or related field.
  • Master's degree in Computer Science or Information Technology if applicable

Essential Skills/Experience

  • Several years building platform or DevOps capabilities end to end, from a developer problem to a production-grade, self-service solution (three to five years is a useful guide).
  • Strong, hands-on Kubernetes experience in production, including RBAC, admission control, and diagnosing and resolving platform issues under pressure.
  • Solid infrastructure-as-code practice (Terraform or OpenTofu) and a GitOps approach to delivery (FluxCD or Argo CD).
  • A working command of CI/CD pipelines and release strategy (GitLab pipelines, or equivalent).
  • A sound grasp of cloud-native security: least privilege, network segmentation, secrets management, identity, and supply-chain integrity.
  • Operational maturity: defining SLOs, responding to incidents, and running upgrades safely in production.
  • Proficiency in at least one of Go, Python, or Bash, and comfort operating Linux.
  • The conviction that infrastructure is code: version-controlled, reviewed, tested, and secured.

Desirable Skills/Experience

  • Depth in Azure and its native services (AKS, AI Foundry, Network Manager, Key Vault, Entra ID, Application Gateway, Firewall, Private Endpoints).
  • Experience building or operating an internal developer platform or developer portal.
  • Familiarity with supply chain tooling (Sigstore/cosign, Trivy, DefectDojo, or equivalent) and policy engines (Kyverno, OPA/Gatekeeper).
  • Exposure to data-platform components such as a lakehouse, event streaming, or workflow orchestration.
  • Exposure to safety-critical or regulated environments and the assurance discipline they require.

Essential / Desirable Traits

  • You see systems end to end and resist thinking in silos.
  • You translate technology into developer experience and hold several stakeholders' perspectives at once.
  • You treat the platform as a product: you measure adoption and developer experience, and let that evidence, not assumption, guide what to build, harden, or retire next.
  • You have learning agility, flexibility, and initiative.
  • You are comfortable in an agile team and engaging directly with the developers you serve.
  • You hold your convictions with humility, welcome constructive feedback, and stay resilient.

At Thales, we’re committed to fostering a workplace where respect, trust, collaboration, and passion drive everything we do. Here, you’ll feel empowered to bring your best self, thrive in a supportive culture, and love the work you do. Join us, and be part of a team reimagining technology to create solutions that truly make a difference – for a safer, greener, and more inclusive world.

Thales Singapore, Singapore, SGP Office

5 Temasek Boulevard, Floor 17 SuntecTower 5,, Singapore, Singapore, 038985

Similar Jobs

Yesterday
In-Office
Singapore, SGP
Mid level
Mid level
Information Technology • Security • Consulting • Cybersecurity
Design and manage GitLab CI/CD pipelines, automate DevSecOps tooling (SCA, container scanning), and secure/optimize AWS infrastructure. Conduct vulnerability assessments, monitor/respond to incidents, collaborate with teams to embed security across the SDLC, and stay current with security trends.
Top Skills: AlbAmazon AuroraAws EcrAws EcsAws LambdaAws Network FirewallAws Transit GatewayAws WafBashCloudFormationContainer ScanningDockerGcc-2.0GitlabGitlab Ci/CdKubernetesMicrosoft Graph ApiMongoDBMs EntraNlbNode.jsPythonScaTerraform
5 Days Ago
In-Office or Remote
Singapore, SGP
Entry level
Entry level
Blockchain • Fintech • Software • Cryptocurrency • Metaverse
Early-career DevSecOps role focused on securing and automating Binance infrastructure: design/deploy AWS security measures, harden systems, analyze logs for threats, perform access and vulnerability assessments, and build or leverage LLMs for anomaly detection.
Top Skills: AWSDockerGnu/LinuxGoIamKubernetesLlmLog IngestionLogging SystemsNetwork SegmentationNode.jsPythonRuntime ProtectionSecrets ManagementTeleportTerraformVulnerability ManagementVulnerability Scanning
11 Days Ago
In-Office
Singapore, SGP
Senior level
Senior level
Information Technology
Design, build, and secure AWS cloud infrastructure using Terraform and EKS; implement CI/CD with GitLab Runners; integrate security scanning, Policy-as-Code, and GenAI guardrails; deploy enterprise observability (ELK/Prometheus-Grafana, OpenTelemetry) to monitor metrics, logs, and traces; establish SLOs, alerts, and incident response; and embed DevSecOps practices across the SDLC.
Top Skills: Amazon EksApmAWSCi/CdDastElasticsearchElk StackGenai-Based Coding AgentsGitGitlabGitlab RunnersGrafanaInfrastructure As CodeKibanaKubernetesLogstashOpen Policy AgentOpentelemetryPolicy As CodePrometheusSastSentinelSplunkTerraformTerraform CloudTerraform EnterpriseVulnerability Scanning

What you need to know about the Singapore Tech Scene

The digital revolution has driven a constant demand for tech professionals across industries like software development, data analytics and cybersecurity. In Singapore, one of the largest cities in Southeast Asia, the demand for tech talent is so high that the government continues to invest millions into programs designed to develop a talent pipeline directly from universities while also scaling efforts in pre-employment training and mid-career upskilling to expand and elevate its workforce.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account