DevSecOps Engineer

About Position:

This role focuses on driving Vulnerability Management and DevSecOps practices by integrating security controls across CI/CD pipelines, cloud platforms, and containerized environments. The position works closely with development and DevOps teams to identify, assess, and remediate application and infrastructure vulnerabilities, ensuring secure and compliant software delivery throughout the development lifecycle.

• Role: DevSecOps Engineer
• Location: All Persistent Location
• Experience: 7 to 10 Years
• Job Type: Full Time Employment
• Mandatory Mention 3 skills: Cloud Security, Vulnerability Management, DevSecOps, CI/CD, Trivy, Terraform,

What You'll Do:

• Integrate security controls into CI/CD pipelines to enable secure application delivery
• Lead and manage application, container, and cloud vulnerability scanning activities
• Implement and operate SAST, SCA, DAST, Secrets Detection, and IaC security scans
• Analyze vulnerability findings and provide actionable remediation guidance to development teams
• Track, prioritize, and support vulnerability remediation across projects
• Automate security scanning, reporting, and alerting workflows
• Collaborate with DevOps and cloud teams to embed DevSecOps best practices
• Support threat modeling and risk assessments for applications and infrastructure
• Assist with penetration testing efforts and validate fix closures
• Maintain and administer GitLab CI/CD security features and integrations

Expertise You'll Bring:

• Strong experience in DevSecOps and Vulnerability Management within CI/CD environments
• Hands-on expertise with SAST, SCA, DAST, Secrets Detection, and IaC security scanning
• Solid understanding of CI/CD pipelines using GitLab (preferred) or similar tools
• Practical experience with cloud security on AWS, Azure, or GCP
• Hands-on knowledge of container and Kubernetes security
• Experience using tools such as Trivy, Terraform, Jenkins, Burp Suite, or similar
• Ability to analyze vulnerability findings and provide clear remediation guidance
• Understanding of secure coding practices and cloud-native security concepts
• Exposure to threat modeling, risk assessment, and penetration testing support
• Scripting or automation experience using Python, Bash, or JavaScript is a plus

Benefits:

• Competitive salary and benefits package
• Culture focused on talent development with quarterly growth opportunities and company-sponsored higher education and certifications
• Opportunity to work with cutting-edge technologies
• Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards
• Annual health check-ups
• Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents

Values-Driven, People-Centric & Inclusive Work Environment:

Persistent is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds.

• We support hybrid work and flexible hours to fit diverse lifestyles.
• Our office is accessibility-friendly, with ergonomic setups and assistive technologies to support employees with physical disabilities.
• If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment

Let's unleash your full potential at Persistent - persistent.com/careers

Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind.