Job Summary
We are seeking a skilled DevSecOps Engineer to strengthen our security practices across cloud infrastructure and CI/CD pipelines. You will play a key role in embedding security controls, ensuring compliance, and supporting secure day-to-day operations in a cloud-native environment.
Responsibilities
Security & CI/CD Enablement
- Integrate security controls into CI/CD pipelines (SAST, DAST, container scanning, etc.)
- Automate enforcement of policies like secret detection and license gating
- Embed tools such as SonarQube, Trivy, Snyk, and Checkov into workflows
- Support infrastructure hardening and maintain secure templates (CIS, AMIs, containers)
- Manage audit logs and alerts (e.g., GuardDuty, Security Hub, WAF)
Cloud Infrastructure & Operations
- Improve secure and automated CI/CD pipelines
- Implement IaC security validations (Terraform, OPA/Checkov)
- Set up DR, secrets management, and observability pipelines (Prometheus, Grafana)
Collaboration & Day-2 Ops
- Support vulnerability triage and incident response
- Maintain security-focused runbooks for SRE teams
- Enable secure rollout (e.g., mTLS, load balancer security policies)
- Collaborate to address runtime and hardening gaps
Requirements
- Proven experience securing AWS environments (IAM, KMS, GuardDuty, WAF)
- Experience integrating security into GitOps/CI pipelines (GitLab, GitHub, Jenkins)
- Proficient in container security (Docker, Kubernetes RBAC, image scanning)
- Skilled in scripting (e.g., Bash, Python) and infrastructure-as-code (Terraform, Helm)
- Familiarity with compliance frameworks (NIST, CIS benchmarks)
- Strong troubleshooting skills in cloud networking, TLS, and logging
- Bonus: Exposure to security audits or VAPT responses