We are looking for a proactive and skilled DevSecOps Engineer to incorporate security practices into our software development and operations processes. You have hands-on experience with CI/CDI, covering pipelines, cloud platforms, container security, vulnerability management, etc., and security automation. You will collaborate closely with Development, DevOps, and Security teams to build secure, scalable, and compliant applications and infrastructure.
Key Responsibilities:
- CI/CD pipelines design, build, and maintenance with security aspects.
- Embed security tools and controls in the SDLC process.
- Perform SAST, DAST Application Security Testing (DAST), and Software Composition Analysis (SCA).
- Conducts vulnerability scans and helps track impact, applications, containers, and infrastructure
- Design, develop, and harden the Infrastructure as Code (IaC) security practices.
- Safety cloud Environments (AWS, Azure, or GCP) and already now forward-earning trend to be listed in compliance with the security commons.
- SIEM and Security Monitoring: Track security incidents, logs, and events monitoring tools.
- Policy sees container and Kubernetes security, including image scanning and runtime protection.
- Work with developers to find and fix security issues.
- Drafting new and revising existing security policies, standards, and best practices.
- Automate Security and Compliance Checks in DevOps Workflows
- Basic incident response support, performing initial threat identification and root-cause analysis activities.
Required Skills & Qualifications:
The desired candidate should have a bachelor’s degree in Computer Science, Information Security Engineering, or a related field. From experience with prior pools of applicants, you have one or more:
- 3+ years’ experience in DevOps, Cloud Security, Cybersecurity, and DevSecOps roles.
- Strong knowledge of DevSecOps concepts and secure software delivery life cycle.
- Experience with CI/CD tools like Jenkins, GitHub Actions, GitLab CI/CD, or Azure DevOps
- Experience with cloud platforms (e.g., AWS, Azure, or GCP)
- Familiarity with Docker and Kubernetes.
- Knowledge of Infrastructure as Code Tools, Terraform, and CloudFormation.
- Experience in vulnerability management techniques and tools, security scanning; By using strong scripting languages (Python, Bash, PowerShell)
- Very Good Knowledge of Networking, Linux administration, and basic-level security.
- Familiarity with OWASP Top 10, security frameworks, and compliance standards
Note: Interested candidates may send their resume to [email protected]. Only shortlisted applicants will be contacted.