We are seeking a skilled DevSecOps Engineer to design and implement secure DevOps pipelines, enforce cloud security best practices, and lead security automation across multiple client engagements.
This role requires hands-on expertise and the ability to guide teams on secure delivery practices.
Key Responsibilities:
- Design and manage end-to-end secure CI/CD pipelines
- Integrate and automate security testing (SAST, DAST, SCA, secrets scanning)
- Implement container and Kubernetes security controls
- Define and enforce cloud security architecture and policies
- Lead vulnerability management and remediation strategies
- Implement Infrastructure as Code with security guardrails
- Automate compliance checks and policy enforcement
- Conduct threat modeling and risk assessments for client solutions
- Mentor junior engineers and promote DevSecOps best practices
- Work directly with client teams on secure architecture and audits
Required Skills:
- Strong experience with CI/CD tools and pipeline design
- Hands-on experience in AWS, Azure, or GCP security services
- Proficiency in containers and Kubernetes security
- Experience with Infrastructure as Code tools (Terraform, Pulumi, etc.)
- Solid understanding of IAM, encryption, and secrets management
- Familiarity with compliance standards (ISO 27001, SOC 2, HIPAA – as relevant)
- Scripting/programming skills (Python, Bash, or Go)
- Strong troubleshooting and system design skills
Good to Have:
- Security certifications (e.g., AWS Security Specialty, CEH, CISSP – Associate)
- Experience in multi-tenant or SaaS environments
- Exposure to zero-trust architectures
