Job VC
Lead DevSecOps / Azure Platform Engineer — Secure CI/CD and Cloud Modernization
Technologies
Description
Summary
Safe City Group is hiring a Lead DevSecOps / Azure Platform Engineer to build secure, automated delivery foundations for critical UAE traffic and public-sector systems. This role is not basic deployment support. The immediate mission is to move from manual releases and weak secrets handling to controlled CI/CD, secure environment promotion, automated scanning, Azure Key Vault integration, infrastructure-as-code, release traceability, and production observability.
Immediate priorities
Build baseline Azure DevOps pipelines for .NET / ASP.NET Core applications.
Add build, test, SAST, SCA, secret scanning, artifact versioning, and deployment gates.
Remove plaintext secrets from config/code and migrate to Azure Key Vault or equivalent.
Establish environment promotion across Dev / Test / Staging / Production.
Create rollback-ready deployment procedures.
Implement secure variable groups, service connections, managed identities, and least-privilege access.
Support Azure App Services / Azure SQL / Storage / APIM / WAF / Application Insights / Azure Monitor.
Partner with security/governance to align releases with OWASP, ISO 27001, and internal change controls.
Train developers on practical pipeline usage without turning process into bureaucracy.
Must-have experience
7+ years in DevOps, platform engineering, cloud engineering, or release engineering.
Strong
Azure DevOps Pipelines
experience.
Strong Azure production experience: App Services, Azure SQL, Storage, Key Vault, Entra ID, Application Insights, Azure Monitor.
Hands-on CI/CD for
.NET / C# / ASP.NET Core
systems.
Infrastructure as Code:
Bicep or Terraform
.
Secrets management and credential rotation.
SAST/SCA/secret scanning integration.
Branching, PR gates, artifact management, deployment approvals, rollback.
Docker/containerization experience.
Strong English, B2+ minimum.
Strong preference
Experience in regulated, government, financial, transport, telecom, or security-sensitive systems.
Experience modernizing manual deployment environments.
Experience with APIM, WAF, private endpoints, NSGs, managed identity, RBAC.
Familiarity with SonarQube, Snyk, GitHub Advanced Security, Microsoft Defender for Cloud, OWASP ZAP, Trivy, Checkov, Dependabot, or equivalent tools.
Azure certifications: AZ-400, AZ-104, AZ-305, AZ-500.
Safe City Group is hiring a Lead DevSecOps / Azure Platform Engineer to build secure, automated delivery foundations for critical UAE traffic and public-sector systems. This role is not basic deployment support. The immediate mission is to move from manual releases and weak secrets handling to controlled CI/CD, secure environment promotion, automated scanning, Azure Key Vault integration, infrastructure-as-code, release traceability, and production observability.
Immediate priorities
Build baseline Azure DevOps pipelines for .NET / ASP.NET Core applications.
Add build, test, SAST, SCA, secret scanning, artifact versioning, and deployment gates.
Remove plaintext secrets from config/code and migrate to Azure Key Vault or equivalent.
Establish environment promotion across Dev / Test / Staging / Production.
Create rollback-ready deployment procedures.
Implement secure variable groups, service connections, managed identities, and least-privilege access.
Support Azure App Services / Azure SQL / Storage / APIM / WAF / Application Insights / Azure Monitor.
Partner with security/governance to align releases with OWASP, ISO 27001, and internal change controls.
Train developers on practical pipeline usage without turning process into bureaucracy.
Must-have experience
7+ years in DevOps, platform engineering, cloud engineering, or release engineering.
Strong
Azure DevOps Pipelines
experience.
Strong Azure production experience: App Services, Azure SQL, Storage, Key Vault, Entra ID, Application Insights, Azure Monitor.
Hands-on CI/CD for
.NET / C# / ASP.NET Core
systems.
Infrastructure as Code:
Bicep or Terraform
.
Secrets management and credential rotation.
SAST/SCA/secret scanning integration.
Branching, PR gates, artifact management, deployment approvals, rollback.
Docker/containerization experience.
Strong English, B2+ minimum.
Strong preference
Experience in regulated, government, financial, transport, telecom, or security-sensitive systems.
Experience modernizing manual deployment environments.
Experience with APIM, WAF, private endpoints, NSGs, managed identity, RBAC.
Familiarity with SonarQube, Snyk, GitHub Advanced Security, Microsoft Defender for Cloud, OWASP ZAP, Trivy, Checkov, Dependabot, or equivalent tools.
Azure certifications: AZ-400, AZ-104, AZ-305, AZ-500.