Senior DevSecOps Engineer

We are looking for an experienced DevSecOps Engineer to join our DevOps core platform team and help strengthen the security of our cloud-native infrastructure and development pipelines.You will work closely with our CISO, DevOps team, and developers to integrate security practices across the entire software development lifecycle (SDLC), helping ensure a secure, scalable, and resilient platform across cloud and on-prem environments.ResponsibilitiesIntegrate security practices into CI/CD pipelines and across the SDLCDesign and implement automated security solutions (vulnerability scanning, compliance checks, threat detection)Build and maintain Infrastructure as Code (IaC) for secure, scalable cloud environments (Terraform, Ansible)Automate security controls and operational processes across cloud and Kubernetes environmentsDesign, implement, and optimize CI/CD pipelines with a focus on security, reliability, and performanceSecure cloud and on-prem environments (IAM, network controls, encryption best practices)Manage and harden Kubernetes workloads, including configuration, access control, and image securityCollaborate with DevOps, developers, and security teams to improve system reliability and overall security postureConduct security assessments, penetration testing, and compliance auditsMonitor threats, respond to incidents, and improve incident response processesPromote DevSecOps culture by guiding teams on secure coding, infrastructure, and deployment practicesEnhance observability by integrating monitoring, logging, and SIEM solutions.Requirements: 5-8 years of experience in DevOps/Security, focusing on secure infrastructure and application security.Expertise in cloud security (AWS, GCP, Azure) and Infrastructure as Code (IaC) tools like Terraform and Ansible.Experience integrating security into CI/CD pipelines using tools like Jenkins, GitHub Actions, and ArgoCD.Knowledge of container security, Kubernetes best practices, and image scanning.Proficient with security practices (SAST, DAST, SCA, secret scanning) and compliance frameworks (e.g., CIS, NIST, ISO 27001, SOC2).Strong scripting skills (Python, Bash) for automating security tasks.Experience with zero-trust models, IAM, and secrets management.Familiar with AWS security tools (GuardDuty, Inspector, Shield, CloudTrail) and monitoring/alerting solutions (Grafana, Prometheus, SIEM).Strong troubleshooting skills in network security, encryption, and secure authentication.Excellent communication and collaboration skills.Advantages:Experience securing endpoint products (agents, sensors, collectors).Background in AI security (securing ML models, training pipelines, inference serving).Hands-on experience with policy as code tools such as OPA (Open Policy Agent) or Kyverno.Familiarity with compliance frameworks like ISO 27001, SOC 2, HIPAA, PCI-DSS, or FedRAMP.Tech Stack:Cloud &

• Orchestration: AWS, Kubernetes, EKS, ECSCI/CD &
• IaC: Jenkins, GitHub Actions, Terraform, Ansible, ArgoCDProgramming &
• Scripting: Python, Bash, GoMonitoring &
• Logging: Prometheus, Grafana, LokiDatabases &
• Messaging: MongoDB, RabbitMQ, Postgres, Neo4J, etc.This position is open to all candidates.