This website uses cookies to ensure you get the best experience.

K3 Capital Group and our selected partners use cookies and similar technologies (together “cookies”) that are necessary to present this website, and to ensure you get the best experience of it. If you consent to it, we will also use cookies for analytics and marketing purposes.

See our Cookie Policy to read more about the cookies we set.

You can withdraw and manage your consent at any time, by clicking “Manage cookies” at the bottom of each website page.

Select which cookies you accept

On this site, we always set cookies that are strictly necessary, meaning they are necessary for the site to function properly.

If you consent to it, we will also set other types of cookies. You can provide or withdraw your consent to the different types of cookies using the toggles below. You can change or withdraw your consent at any time, by clicking the link “Manage Cookies”, which is always available at the bottom of the site.

To learn more about what the different types of cookies do, how your data is used when they are set etc, see our Cookie Policy.

These cookies are necessary to make the site work properly, and are always set when you visit the site.

Vendors Teamtailor

These cookies collect information to help us understand how the site is being used.

Vendors Teamtailor

These cookies are used to make advertising messages more relevant to you. In some cases, they also deliver additional functions on the site.

Vendors Meta, Youtube
K3 Capital Group career site
Kuala Lumpur · Hybrid

DevSecOps Analyst

Role Purpose: Embed security, compliance, and automation into build and release processes so teams can ship fast and safely across all K3 brands and divisions.

Key Responsibilities:

  • Implement CI/CD templates with SAST/DAST/SCA and container scanning
  • Enforce secrets management (OIDC to Key Vault, no long-lived credentials)
  • Define and monitor policy gates for secure code
  • Build SBOM generation, image signing, and provenance
  • Automate compliance evidence and deployment checklists

Preferable Experience:

  • 3+ years in DevOps/DevSecOps with GitHub Actions or Azure DevOps
  • Hands-on with CodeQL/OWASP ZAP/Snyk/Trivy/Checkov
  • Docker/Kubernetes fundamentals and scripting skills
  • Track record reducing vulnerability backlog and failed deployments
  • Experience with supply chain security (Sigstore/cosign)
  • You will be a Malay National to be considered

Success Measures:

  • 90%+ repos covered by automated security gates
  • Critical MTTR < 10 days
  • < 5% change failure rate and steadily improving deployment times

Salary Range:

RM 126,000 - 172,000 per year + competitive benefits package included

Location: Kuala Lumpur, Malaysia (Hybrid working model)

Locations
Kuala Lumpur
Remote status
Hybrid
Yearly salary
MYR126,000 - MYR172,000
Employment type
Full-time
Employment level
Professionals
Picture of Samantha Relph
Contact Samantha Relph K3 Careers – K3 Capital Group - HR

About K3 Capital Group

With over 1,200 employees across the Group, 30 offices in the UK, and international bases in Malaysia, Hong Kong, Cyprus, Vietnam, Singapore, and Mauritius

Founded in 1998
Co-workers 1400+
Turnover 70M
Kuala Lumpur · Hybrid

DevSecOps Analyst

Loading application form

Already working at K3 Capital Group?

Let’s recruit together and find your next colleague.