DevSecOps Engineer

About The Position

Requirements

• Strong experience with CI/CD tools (GitHub Actions, GitLab CI, Jenkins, Azure DevOps)
• Proficiency in cloud platforms (AWS, Azure, or GCP)
• Infrastructure as Code (Terraform, CloudFormation, ARM)
• Containerization and orchestration (Docker, Kubernetes)
• Security tools: SAST/DAST, dependency scanning, container security tools
• Scripting/programming (Python, Bash, Go, or similar)
• Solid understanding of networking, IAM, and security fundamentals
• Experience with Linux systems

Nice To Haves

• Experience with Zero Trust architecture
• Knowledge of OWASP Top 10 and secure coding standards
• Familiarity with SIEM/SOAR tools
• Security certifications (e.g., CISSP, CISM, CCSP, AWS Security Specialty)
• Experience in regulated environments

Responsibilities

• Integrate security practices into CI/CD pipelines (shift-left security)
• Design, implement, and maintain secure cloud infrastructure (AWS, Azure, GCP)
• Automate security testing (SAST, DAST, SCA, IaC scanning, container scanning)
• Manage secrets, keys, and certificates securely (Vault, KMS, Secrets Manager)
• Implement and monitor security controls for containers and Kubernetes
• Perform threat modeling, risk assessments, and security architecture reviews
• Respond to and investigate security incidents and vulnerabilities
• Ensure compliance with standards (ISO 27001, SOC 2, PCI-DSS, HIPAA, etc.)
• Collaborate with developers to improve secure coding practices
• Maintain logging, monitoring, and alerting for security events