Devsecops Engineer

**Job Summary**
We are seeking a skilled DevSecOps Engineer to strengthen our security practices across cloud infrastructure and CI/CD pipelines. You will play a key role in embedding security controls, ensuring compliance, and supporting secure day-to-day operations in a cloud-native environment.

**Responsibilities**
**Security & CI/CD Enablement**
Integrate security controls into CI/CD pipelines (SAST, DAST, container scanning, etc.)
Automate enforcement of policies like secret detection and license gating
Embed tools such as SonarQube, Trivy, Snyk, and Checkov into workflows
Support infrastructure hardening and maintain secure templates (CIS, AMIs, containers)
Manage audit logs and alerts (e.g., GuardDuty, Security Hub, WAF)

**Cloud Infrastructure & Operations**
Improve secure and automated CI/CD pipelines
Implement IaC security validations (Terraform, OPA/Checkov)
Set up DR, secrets management, and observability pipelines (Prometheus, Grafana)

**Collaboration & Day-2 Ops**
Support vulnerability triage and incident response
Maintain security-focused runbooks for SRE teams
Enable secure rollout (e.g., mTLS, load balancer security policies)
Collaborate to address runtime and hardening gaps

**Requirements**:
Proven experience securing AWS environments (IAM, KMS, GuardDuty, WAF)
Experience integrating security into GitOps/CI pipelines (GitLab, GitHub, Jenkins)
Proficient in container security (Docker, Kubernetes RBAC, image scanning)
Skilled in scripting (e.g., Bash, Python) and infrastructure-as-code (Terraform, Helm)
Familiarity with compliance frameworks (NIST, CIS benchmarks)
Strong troubleshooting skills in cloud networking, TLS, and logging
Bonus: Exposure to security audits or VAPT responses

**Job Type**: Contract

Work Location: In person