Job Description

We are looking for a DevSecOps Engineer to take full ownership of our advanced AWS infrastructure, built on AWS Landing Zone architecture. This is a mission-critical role--responsible for ensuring security, compliance, and operational readiness from day one, while laying the foundation for long-term scalability.

Our platform is used by regulated financial institutions, so maintaining a secure and compliant cloud environment is non-negotiable. You will lead the hardening and governance of our multi-account AWS setup, working closely with leadership to ensure the environment remains robust, scalable, and aligned with frameworks like BNM RMiT, ISO 27001, and CIS benchmarks.

Responsibilities
? Operate and govern a multi-account AWS environment built on AWS Landing Zone / Control Tower.
? Enforce security guardrails, SCPs, IAM boundaries, and centralized compliance monitoring.
? Define and manage Infrastructure as Code (IaC) using CloudFormation, Terraform, or CDK.
? Implement centralized logging, monitoring (CloudWatch, CloudTrail), threat detection (GuardDuty), and compliance services (Security Hub, AWS Config).
? Ensure infrastructure is continuously compliant with banking regulations and internal security policies.
? Lead technical aspects of security audits, compliance reviews, and bank onboarding exercises.
? Oversee backup, DR, and high availability configurations in accordance with business continuity requirements.
? Automate secure CI/CD pipelines and ensure shift-left security practices in the SDLC.
? Manage encryption, key management (KMS), and secret governance across accounts.
? Take full ownership of incident response processes, security events, and audit readiness. ? Provide documentation and guidance to support future team scaling and handovers.

Requirements
? Minimum 5 years of experience in DevSecOps, Cloud Security, or Infrastructure Engineering roles.
? Must have hands-on experience operating AWS Landing Zone / AWS Control Tower environments.
? Deep expertise in AWS security and compliance tooling (IAM, Config, GuardDuty, Security Hub, Macie, CloudTrail, etc.).
? Proficiency with Infrastructure as Code (CloudFormation, Terraform, or AWS CDK).
? Experience driving or supporting regulatory audits, technical assessments, or compliance certifications.
? Familiarity with regulated environments (e.g., BNM RMiT, ISO 27001, PCI-DSS).
? Solid understanding of CI/CD pipelines, automated security testing, and secure software supply chain.
? At least one AWS certification is required -- preferably:
? AWS Certified Security - Specialty, or
? AWS Certified DevOps Engineer - Professional, or
? AWS Certified Solutions Architect - Associate/Professional

Preferred Qualifications
? Experience in fintech, SaaS, or other regulated cloud-native environments.
? Knowledge of container and serverless security (ECS, EKS, Lambda).
? Exposure to FinOps principles and cost governance in AWS.

Why Join Us
? Transparent & flat organizational structure
? Highly driven leadership & fast-moving environment
? Work with cutting-edge technology
? Exploration & experimentation of innovative ideas encouraged
? High level of autonomy & self-accountability

Interested candidate, kindly share your latest CV/Resume to:

Gaytry@mesinkira.io, Raj@mesinkira.io, hr@m8tech.com.my

Job Types: Full-time, Permanent

Pay: From RM9,000.00 per month

Benefits:

Health insurance Meal provided Opportunities for promotion Professional development
Ability to commute/relocate:

Kuala Lumpur: Reliably commute or planning to relocate before starting work (Preferred)
Application Question(s):

This position is open to Malaysian citizens / local candidates only.
Work Location: In person

Expected Start Date: 10/01/2025