About The Role
We are looking for a motivated DevSecOps Engineer to strengthen our infrastructure and security posture across the cloud and CI/CD ecosystem. The ideal candidate has hands-on experience in Kubernetes, cloud-native security, and compliance automation, with strong technical expertise in vulnerability management, observability, and secure software delivery aligned with PCI-DSS and SOC 2 standards.
Key Responsibilities
- Design, implement, and secure CI/CD pipelines following DevSecOps principles and GitOps workflows (ArgoCD).
- Integrate security tools across build and deployment pipelines for SAST, DAST, dependency scanning, and CVE management.
- Manage and harden containerized workloads on Kubernetes and Docker, implementing runtime security controls and RBAC policies.
- Automate compliance checks and audit data collection to maintain PCI DSS and SOC 2 readiness.
- Deploy, monitor, and secure infrastructure across AWS, GCP, or Azure environments.
- Configure and operate observability and security monitoring tools (Prometheus, Grafana, OpenTelemetry, Loki, Wazuh).
- Collaborate with the security team to establish threat detection, incident response, and log correlation workflows using SIEM tools.
- Strengthen cluster and network security through Istio, NetworkPolicies, and zero-trust design principles.
Required Skills & Qualifications
- 13 years of experience in DevSecOps, Security Engineering, or Cloud Security roles.
- Strong understanding of Kubernetes, Docker, Linux, and networking fundamentals.
- Experience with security scanning, vulnerability management, and CVE patch automation.
- Working knowledge of GitOps (ArgoCD), CI/CD tools (GitHub Actions, Jenkins, etc.), and IaC security (Terraform, Helm).
- Familiar with cloud provider security services (AWS IAM, Security Hub, GCP Security Command Center, etc.).
- Understanding of monitoring, alerting, and tracing stacks Prometheus, Grafana, Loki, OpenTelemetry.
- Practical exposure to compliance frameworks (PCI DSS, SOC 2) and audit readiness processes.
- Excellent debugging, documentation, and cross-functional communication skills.
Good to Have
- Hands-on with Wazuh, Trivy, or other vulnerability/scanning tools.
- Knowledge of service mesh security (Istio mTLS, certificate rotation).
- Exposure to SIEM, threat intelligence, or incident response workflows.
- Cloud certifications (AWS/GCP/Azure) or Kubernetes certifications (CKA/CKS) are a plus.
Skills: ci,scanning,aws,reliability,cloud,devops,kubernetes,management,cd,scalability,system design,vulnerability,devsecops,security
