DevSecOps Engineer | Hybrid / Remote | Experience: 4-6 Years
About Organization:
Suviksan Technologies is a leading technology services and consulting company, specializing in delivering innovative solutions for complex digital transformation challenges. With over 3+ years of experience managing global enterprises, we proudly serve clients across 4 countries, including India, Germany, Sweden, and the Philippines.
Our team of high-calibre technology professionals is dedicated to helping organizations overcome core challenges and unlock new market opportunities.
Quick Role Overview
We are looking for a motivated DevSecOps Engineer to join our cybersecurity team. The ideal candidate will bring hands-on experience in Secure SDLC practices, Automating Security in CI/CD Pipeline, Secure Code Reviews, and Software Composition Analysis (SCA) & Threat Modelling.
Key Responsibilities
- Drive Secure SDLC (Software Development Life Cycle) processes across development teams.
- Perform Secure Code Reviews and Software Composition Analysis (SCA) to identify vulnerabilities in code and third-party libraries.
- Integrate and maintain security testing in CI/CD pipelines (SAST, DAST, SCA, container security scanning).
- Collaborate with developers, DevOps, and operations teams to embed security in agile workflows.
- Prepare security documentation, risk assessments, and compliance reports.
Essential Skills
- Proficiency in Secure SDLC processes and secure coding practices.
- Experience with secure code review tools (Checkmarx, SonarQube, Fortify, etc.).
- Expertise in Software Composition Analysis (Snyk, OWASP Dependency-Check, WhiteSource, etc.).
- Experience / Knowledge with threat modelling (preferably VAST; experience with STRIDE/PASTA is a plus).
- Knowledge of securing CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI/CD, Azure DevOps).
- Familiarity with application security principles (OWASP Top 10, CWE).
Desirable Skills
- Cloud Security: AWS, Azure, or GCP security services and best practices.
- Strong knowledge of NIST Cybersecurity Framework and implementation of security controls.
- Scripting/Automation: Python, Bash, or PowerShell for security automation.
- Familiarity with compliance standards like ISO 27001, SOC2, or GDPR.
Why Join Us
- Opportunity to work on cutting-edge DevSecOps security initiatives.
- Work in a collaborative and fast-paced cyber security team
- Opportunity to learn from global leaders
- Exposure to modern cloud technologies and complex enterprise environments
- Competitive salary and benefits
- Flexible working hours
- Learning & Development (L&D) opportunities
