Role Summary
Embed security across CI/CD pipelines, cloud infrastructure, and deployment workflows. Automate security controls, harden infrastructure, and collaborate with engineering and DevOps to ensure systems are secure, scalable, and resilient.
Key Responsibilities
- Integrate SAST, SCA, DAST, and container security into CI/CD pipelines
- Automate security scans for code, dependencies, containers, and IaC
- Implement secure IAM, VPC, firewall, and network configurations
- Monitor vulnerabilities, track remediation, and ensure SLA compliance
- Work with developers to fix security findings and improve coding practices
- Manage secure infrastructure using Terraform, Docker, Kubernetes, Helm
- Configure secrets management, access policies, and zero-trust controls
- Support incident response and analyze cloud/platform security events
- Document security practices, policies, and deployment guardrails
Skills & Experience
- 3-7 years in DevSecOps/Application Security/Cloud Security
- Strong knowledge of secure SDLC, CI/CD, pipelines, and automation
- Experience with Prisma Cloud, Snyk, Checkmarx, SonarQube, Fortify, or similar
- Familiar with AWS/GCP and Kubernetes security
- Good understanding of IAM, network security, encryption, firewalls, and WAF
- Scripting ability in Python, Shell, or YAML
- Basic experience with Terraform or other IaC tools
Mindset
- Security-first, automation-focused, collaborative, and detail-oriented.