DevSecOps Engineer

About the Role

Our client is a global leader in digital shopper marketing. Backed by decades of shopper research and deep category expertise, the business uses a proprietary framework and a digital-first approach to help clients navigate an evolving retail landscape.

Our client is looking for a hands-on DevSecOps Engineer to help strengthen and support a secure, reliable, and efficient engineering environment. This role will work closely with both Engineering and IT teams to improve infrastructure and deployment practices, embed practical security measures, and reduce unnecessary complexity across the environment.

Key Responsibilities

Cloud Infrastructure & Deployment

• Design, build, and maintain cloud infrastructure, primarily within Azure
• Support and improve CI/CD pipelines and deployment workflows
• Help create simpler, more stable, and more reliable engineering environments

Security in Engineering Workflows

• Integrate security practices into CI/CD processes, including SAST, dependency scanning, and secrets management
• Partner with Engineering teams to identify and address vulnerabilities in a practical, balanced way
• Ensure security measures are effective without creating unnecessary friction for development teams

Identity & Access Management

• Support application and service access through Entra ID / Azure AD
• Help implement secure authentication and authorization practices, including SSO, RBAC, and least-privilege access
• Contribute to more consistent access controls across systems and services

Monitoring & Incident Response

• Set up and refine logging, monitoring, and observability practices
• Assist with incident response and root cause investigations
• Improve signal-to-noise ratio by focusing monitoring efforts on the most meaningful alerts

Tooling & Architecture Improvement

• Review existing tools and identify opportunities to reduce duplication or unnecessary overlap
• Avoid adding unnecessary vendors or overly complex solutions
• Leverage built-in platform capabilities, particularly within Azure and the Microsoft ecosystem, where appropriate

Requirements

• Strong hands-on experience with Azure or a comparable cloud platform
• Experience building, maintaining, and improving CI/CD pipelines
• Familiarity with security practices such as SAST, dependency scanning, and secrets management
• Exposure to container security is an advantage
• Experience with identity and access management tools such as Entra ID / Azure AD and SSO
• Comfortable collaborating across both engineering and IT functions

Preferred Mindset

• Practical and solutions-focused
• Views security as something that enables delivery rather than blocks it
• Comfortable making sensible trade-offs
• Strong preference for simplification over unnecessary complexity
• Willing to challenge existing tools and processes rather than automatically adding more

Work Setup

• Hybrid (3x a week) in Makati
• Night shift