Senior DevSecOps Engineer

Job Location: Bangalore

Job title: Sr. DEvSecOps Engineer (AWS + Python + DevOps/Cloud Security)

Interview Mode: last round F2F

Experience: 5-10 years

What You'll Do

• Be part of a team of engineers to implement client specific security policies in CI/CD security tools including but not limited to SAST, OSS and SCA applications.
• Work closely with Development, DevOps, Cloud and Security teams to identify and develop automated security and compliance capabilities in support of DevSecOps processes.
• Support and enhance cloud-native security capabilities across AWS environments and CI/CD platforms.
• Define and implement security rules that need to be adhered to at a code level in web and mobile applications written in .NET, Java, React, Python and other languages.
• Utilize Python scripting and automation to integrate security controls, reporting, monitoring and workflow automation.
• With your development background and security knowledge, provide a secure and stable platform for enforcing application security controls.
• Support security standards, and design & implement architectural patterns to increase the resiliency and scalability of security platforms.
• Work with partners to implement, manage and optimize security measures within GitHub repositories to continuously improve code integrity and protect against vulnerabilities.
• Assist in automation, monitoring and governance of cloud infrastructure, preferably within AWS environments.

Required Skillset

• Must have: 3–5+ years of hands-on experience in Python scripting/development with focus on automation and integrations.
• Experience working with APIs, including REST-based integrations.
• Good understanding of unit testing frameworks.
• Understanding of multi-process and multi-threaded architectures.
• Strong experience in Linux environments with solid Bash scripting skills.
• Good understanding of AWS cloud services and cloud-based deployments.
• Deep understanding of CI/CD pipelines and DevOps practices.
• Experience working with tools such as Jenkins, GitHub Actions, TeamCity or similar build/deployment platforms.
• Working knowledge of Windows environments and basic scripting (DOS batch / PowerShell).
• Bachelor's degree with 5+ years of overall IT experience.
• Ability to process large datasets for reporting and analysis.

Desired Skillset

• Understanding of DevSecOps concepts and application security practices.
• Knowledge of SAST, OSS and SCA technologies.
• Exposure to AWS security best practices, IAM, monitoring and cloud governance is preferred.
• Ability to review Python scripts/code with minimal assistance.
• Expertise in monitoring, alerting, reporting and data analysis is desired.
• Exposure to container/orchestration technologies such as Kubernetes and Docker is a plus.
• Experience evaluating, integrating and onboarding security tools such as DAST, RASP, WAF, vulnerability scanners, container analyzers and open-source scanning tools is a plus.
• Self-starter with strong analytical and problem-solving capabilities and willingness to learn new technologies.