We are seeking a skilled DevSecOps Engineer to integrate security across the entire software development lifecycle. The ideal candidate will have strong experience in CI/CD, cloud security, automation, and modern DevOps toolchains, with the ability to collaborate closely with development, operations, and security teams.
1. Secure SDLC & Automation
* Embed security practices across development, testing, deployment, and operations.
* Automate security checks within CI/CD pipelines using tools such as SAST, SCA, DAST, and Secrets Scanning.
* Implement automated compliance validation and policy enforcement.
* Design, build, and maintain secure CI/CD pipelines using GitHub Actions, GitLab CI, Jenkins, Azure DevOps, or similar tools.
* Integrate security testing tools into build pipelines (e.g., SonarQube, Checkmarx, Snyk, OWASP ZAP, Trivy).
* Secure cloud workloads across AWS, Azure, or GCP.
* Implement policies for IAM, network segmentation, encryption, key management, and secrets handling (Vault, AWS KMS, Azure Key Vault, GCP KMS).
* Apply infrastructure‐as‐code (IaC) security checks (Terraform/CloudFormation security scanning).
* Secure container images, registries, and supply chain through scanning and admission controls.
* Implement Kubernetes security best practices—RBAC, network policies, pod security, runtime scanning.
5. Threat Detection & Monitoring
* Set up logging, monitoring, and alerting using tools like CloudWatch, Azure Monitor, ELK, Prometheus, Grafana.
* Detect vulnerabilities, misconfigurations, and anomalies in production environments.
6. Vulnerability & Risk Management
* Identify, prioritize, and remediate security vulnerabilities.
* Conduct root cause analysis and define preventative measures.
* Drive security governance, compliance automation, and risk reporting.
7. Collaboration & Stakeholder Alignment
* Work with DevOps, Development, and Security teams to implement secure practices.
* Provide security guidance, documentation, and training to engineering teams.
* Participate in architecture reviews and security design discussions.
Required Skills & Qualifications
Technical Skills
* Strong experience with DevOps & CI/CD pipelines.
* Hands‐on experience in SAST, DAST, SCA, Container scanning.
* Proficiency with Linux, scripting (Python, Bash, Shell).
* Knowledge of Docker & Kubernetes security.
* Expertise in securing cloud platforms (AWS/GCP/Azure).
* Security frameworks: OWASP Top 10, CIS Benchmarks, NIST, ISO 27001.
Soft Skills
* Strong problem-solving capabilities.
* Excellent communication and cross-team collaboration.
* Ability to advocate for security without blocking delivery.
Qualifications
* 3–10+ years of experience in DevOps/DevSecOps/Security engineering.
* Certifications (preferred but not mandatory):
#J-18808-Ljbffr