We are seeking a skilled DevSecOps Engineer to strengthen our infrastructure, automation, and security practices across multiple projects. The ideal candidate will integrate security into every phase of the DevOps lifecycle, ensuring secure, scalable, and reliable deployments across development and production environments.
Requirements
- Design and manage secure cloud infrastructure on AWS and/or Azure
- Implement secure configurations for services (EC2/VMs, S3/Blob, RDS/Azure SQL, VPC/VNet, IAM/Azure AD, Load Balancers)
- Ensure high availability, scalability, and security compliance of production systems
- Build and manage Docker containers with security best practices
- Deploy and maintain Kubernetes clusters (EKS/AKS preferred)
- Implement container security scanning and runtime protection
- Design and maintain secure CI/CD pipelines (Jenkins, Azure DevOps)
- Integrate security tools (SAST, DAST, dependency scanning) into pipelines
- Automate build, test, deployment, and security validation processes
- Implement Infrastructure as Code using Terraform with security controls
- Automate configuration management using Ansible
- Implement monitoring, logging, and alerting (CloudWatch, Azure Monitor, Prometheus, Grafana)
- Set up security monitoring and threat detection systems
- Troubleshoot production and security issues with minimal downtime
- Improve system reliability and incident response processes
- Implement DevSecOps practices across the SDLC
- Manage IAM roles, access control, secrets, and key management
- Conduct vulnerability assessments, audits, and compliance checks
- Ensure adherence to security standards (OWASP, CIS benchmarks, etc.)
- Drive secure coding and infrastructure best practices
- Work closely with development, QA, and product teams to embed security early
- Support secure release planning and environment readiness
- Document security policies, workflows, and architecture
