DevSecOps Engineer

Job Summary

We are seeking a skilled DevSecOps Engineer to strengthen our security practices across cloud infrastructure and CI/CD pipelines. You will play a key role in embedding security controls, ensuring compliance, and supporting secure day-to-day operations in a cloud-native environment.

Responsibilities

Security & CI/CD Enablement

Integrate security controls into CI/CD pipelines (SAST, DAST, container scanning, etc.)

Automate enforcement of policies like secret detection and license gating

Embed tools such as SonarQube, Trivy, Snyk, and Checkov into workflows

Support infrastructure hardening and maintain secure templates (CIS, AMIs, containers)

Manage audit logs and alerts (e.g., GuardDuty, Security Hub, WAF)

Cloud Infrastructure & Operations

Improve secure and automated CI/CD pipelines

Implement IaC security validations (Terraform, OPA/Checkov)

Set up DR, secrets management, and observability pipelines (Prometheus, Grafana)

Collaboration & Day-2 Ops

Support vulnerability triage and incident response

Maintain security-focused runbooks for SRE teams

Enable secure rollout (e.g., mTLS, load balancer security policies)

Collaborate to address runtime and hardening gaps

Requirements

Proven experience securing AWS environments (IAM, KMS, GuardDuty, WAF)

Experience integrating security into GitOps/CI pipelines (GitLab, GitHub, Jenkins)

Proficient in container security (Docker, Kubernetes RBAC, image scanning)

Skilled in scripting (e.g., Bash, Python) and infrastructure-as-code (Terraform, Helm)

Familiarity with compliance frameworks (NIST, CIS benchmarks)

Strong troubleshooting skills in cloud networking, TLS, and logging

Bonus: Exposure to security audits or VAPT responses

Job Type: Contract

Work Location: In person