DevSecOps Engineer | India

We are seeking a highly skilled and motivated DevSecOps Engineer to join our team. This individual will play a key role in integrating security practices into our software development lifecycle (SDLC). The DevSecOps Engineer will be responsible for automating security processes, implementing security tools, and collaborating with development and operations teams to ensure the security of our applications and infrastructure. This role requires a strong understanding of both security and DevOps principles, a passion for automation, and a collaborative mindset.

Responsibilities:

• Automate security testing: Implement and maintain automated security testing tools and processes within the CI/CD pipeline, including static application security testing (SAST), dynamic application security testing (DAST), software composition analysis (SCA), and container security scanning.
• Develop and maintain security infrastructure: Manage and configure security tools and infrastructure, such as web application firewalls (WAFs), intrusion detection/prevention systems (IDS/IPS), and security information and event management (SIEM) systems.
• Security as Code: Implement security as code practices using tools like Terraform, Ansible, or CloudFormation to automate security configurations and deployments.
• Vulnerability management: Manage and remediate security vulnerabilities identified through automated and manual testing. Collaborate with development teams to prioritize and fix vulnerabilities.
• Incident response: Participate in security incident response activities, including investigation, analysis, and remediation.
• Collaboration with development and operations teams: Work closely with development and operations teams to integrate security practices into the SDLC and ensure the security of our applications and infrastructure.
• Cloud security: Implement and manage security controls in cloud environments (AWS, Azure, GCP).
• Monitoring and logging: Implement and maintain security monitoring and logging systems to detect and respond to security threats.
• Continuous improvement: Continuously evaluate and improve security processes and tools.

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 3+ years of experience in DevOps or DevSecOps.
• Strong understanding of security principles and practices, including application security, network security, and cloud security.
• Experience with scripting languages such as Python, Bash, or PowerShell.
• Experience with automation tools such as Ansible, Chef, Puppet, or Terraform.
• Experience with CI/CD tools such as Jenkins, GitLab CI, or Azure DevOps.
• Experience with containerization technologies such as Docker and Kubernetes.
• Familiarity with security testing tools such as SAST, DAST, SCA, and penetration testing tools.
• Excellent communication and collaboration skills.
• Relevant security certifications, such as CISSP, CEH, or SANS GIAC certifications, are a plus.

Benefits:

• Competitive salary and benefits package.
• Opportunities for professional development and growth.
• Collaborative and innovative work environment.

Equal Opportunity Employer:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.