Key Facts

Remote From:

Philippines

Category: DevSecOps Engineer

Fixed term

Senior (5-10 years)

English

Hard Skills

DevSecOps Microsoft Azure Kubernetes Vulnerability Management CI/CD Infrastructure as Code (IaC) Scripting Access Controls Application Security Health Insurance Portability And Accountability Act (HIPAA) Compliance +13 more

Other Skills

•
Communication
•
Collaboration
•
Problem Solving

Roles & Responsibilities

10+ years of experience in DevOps, SRE, platform engineering, cloud security, or security engineering
5+ years of experience in DevSecOps, cloud security, application security, or production security engineering
Deep hands-on experience with Azure, including AKS, Entra ID, and networking
Strong written communication skills for documentation and audit evidence

Requirements:

Strengthen security of the software delivery lifecycle and cloud infrastructure
Improve CI/CD security, software supply chain security, and infrastructure security baselines
Drive security improvements across cloud platforms, Kubernetes, and production workflows
Work closely with engineering, IT, product, quality, and compliance teams

Full Scale

About Full Scale

Full Scale is a tech services company that helps businesses build teams of software engineers. Our goal is to make finding and retaining highly experienced software engineers fast, easy and affordable. As lifelong entrepreneurs and software startup founders, we tore pages out of our own playbooks in order to create a service offering that is for Founders, by Founders! Matt DeCoursey is a Kansas City-based entrepreneur, co-founder, and CEO of Full Scale, co-host of the Startup Hustle podcast; as well as the founder of Gigabook. He is the top-selling author of Million Dollar Bedroom and Balance Me as well as the co-author of The Realist’s Guide to a Successful Music Career. Matt Watson is a Kansas City-based entrepreneur, co-founder of Full Scale, co-host of the Startup Hustle podcast; as well as the founder of Stackify. After a 150-million-dollar exit from VIN Solutions Matt founded Stackify, to help developers improve application performance so they can focus on building better apps. In 2021, Stackify was acquired by Netreo, earning Matt Watson a two-time exit Founder. Hosting the Startup Hustle podcast, we spend 5 days a week talking to entrepreneurs, influencers, investors and thought leaders shaping the local Startup ecosystem whom all say they have the same problem when it comes to finding the tech talent to help grow their business. It didn’t take long to realize something had to change. With that, we created Full Scale. We take a consultative approach with clients so that you can feel confident you are choosing the right team member for your project. To learn more about what we do: fullscale.io To learn more about who we are: https://linktr.ee/startuphustle

Founded: 2018

Company size: 201 - 500

LinkedIn See all jobs →

Job description

This is a remote position.

Join one of the Philippines' fastest-growing tech companies. Open to Philippine-based candidates only, with required overlap with US Central business hours.

About Us

Full Scale is a fully remote-first company that helps businesses build dedicated teams of skilled software engineers. We make it easier for growing companies to find, onboard, and retain high-performing software talent.

About the Role

We are looking for a Staff DevSecOps Engineer to help strengthen the security of our software delivery lifecycle, cloud infrastructure, and production environment.
This is a senior individual contributor role with direct visibility to leadership and broad cross-functional influence. You will work closely with engineering, IT, product, quality, and compliance teams to improve CI/CD security, software supply chain security, Azure and AKS security posture, infrastructure security baselines, vulnerability management, privileged access controls, and technical audit readiness.
This role is ideal for someone who is highly hands-on, practical, and comfortable driving security improvements across cloud platforms, Kubernetes, identity systems, pipelines, and production workflows.

Key Responsibilities:

10+ years of experience in DevOps, SRE, platform engineering, cloud security, security engineering, or related infrastructure roles
5+ years of experience in DevSecOps, cloud security, application security, or production security engineering
Deep hands-on experience with Azure, including AKS, Entra ID, networking, storage, Azure SQL, secrets management, monitoring, and access controls
Strong experience securing CI/CD pipelines, dependencies, containers, secrets, and shift-left security tooling
Hands-on Kubernetes and container security experience, including workload identity, network controls, and runtime hardening
Experience with infrastructure as code using Terraform, Bicep, or similar tooling
Scripting skills in Python, Go, Bash, PowerShell, or a similar language
Strong vulnerability management experience with practical risk-based prioritization
Experience with least-privilege and just-in-time production access models
Ability to work directly with engineering teams, influence without authority, and drive work independently
Strong written communication skills for documentation, findings, exceptions, and audit evidence

Requirements

8+ years of experience in DevOps, SRE, platform engineering, cloud security, security engineering, or related infrastructure roles
5+ years of experience in DevSecOps, cloud security, application security, or production security engineering
Deep hands-on experience with Azure, including AKS, Entra ID, networking, storage, Azure SQL, secrets management, monitoring, and access controls
Strong experience securing CI/CD pipelines, dependencies, containers, secrets, and shift-left security tooling
Hands-on Kubernetes and container security experience, including workload identity, network controls, and runtime hardening
Experience with infrastructure as code using Terraform, Bicep, or similar tooling
Scripting skills in Python, Go, Bash, PowerShell, or a similar language
Strong vulnerability management experience with practical risk-based prioritization
Experience with least-privilege and just-in-time production access modelsAbility to work directly with engineering teams, influence without authority, and drive work independentlyStrong written communication skills for documentation, findings, exceptions, and audit evidence

Nice to Have

Experience in regulated or high-assurance environments such as HIPAA, SOC 2, ISO 13485, ISO 27001, FDA-regulated software, healthcare SaaS, or fintech
Experience with SaMD, FDA QMSR, ISO 13485/MDSAP, or validated software development environments
Familiarity with Aikido, CrowdStrike, Vanta, New Relic, or similar tools
Experience with SAML, OIDC, SCIM, SSO, MFA, Conditional Access, PIM, and access reviews
Experience with Azure Policy, Defender for Cloud, Sentinel, Log Analytics, Key Vault, managed identities, and workload identity
Experience with GitHub Actions, Azure DevOps, Playwright, TUnit, or similar tooling
Experience with threat modeling, architecture reviews, incident response, disaster recovery, or ransomware resilience
Relevant certifications such as Azure Security Engineer Associate, CKS, CCSP, or CISSP

Benefits

Why Join Us

Fully remote work setup
Work from anywhere in the Philippines
High-impact role with strong ownership and leadership visibility
Opportunity to shape secure engineering standards and cloud security practices
Work on meaningful infrastructure, platform, and software security challenges
Collaborate with a high-performing team that values trust, ownership, and technical excellence