About Client:
Our client is a global digital solutions and technology consulting company headquartered in Mumbai, India. The company generates annual revenue of over $4.29 billion (35,517 crore), reflecting a 4.4% year-over-year growth in USD terms. It has a workforce of around 86,000 professionals operating in more than 40 countries and serves a global client base of over 700 organizations.
Client: LTIMINDTREE
Job Type: C2H
Role: Senior Infrastructure Security & Compliance Engineer
Experience: 8-12y
Work Location:Bangalore
Payroll on : People Prime World Wide
Notice :0-15days
Job Description:
Senior Infrastructure Security & Compliance Engineer (Zero-Touch GPU Cloud GitOps-Driven Compliance & Resilience)
We are seeking a Senior Infrastructure Security & Compliance Engineer with 10+ years of experience in infrastructure and platform automation to drive the Zero-Touch Build, Upgrade, and Certification pipeline for our on-prem GPU cloud environment. This role is focused on integrating security scanning, policy enforcement, compliance validation, and backup automation into a fully GitOps-managed GPU cloud stack, spanning hardware OS Kubernetes platform layers.
Key Responsibilities
- Design and implement GitOps-native workflows to automate security, compliance, and backup validation as part of the GPU cloud lifecycle.
- Integrate Trivy into CI/CD pipelines for container and system image vulnerability scanning.
- Automate kube-bench execution and remediation workflows to enforce Kubernetes security benchmarks (CIS/STIG).
- Define and enforce policy-as-code using OPA/Gatekeeper to validate cluster and workload configurations.
- Deploy and manage Velero to automate backup and disaster recovery operations for Kubernetes workloads.
- Ensure that all compliance, scanning, and backup logic is declarative and auditable through Git-backed repositories.
- Collaborate with infrastructure, platform, and security teams to define security baselines, enforce drift detection, and integrate automated guardrails.
- Drive remediation automation and post-validation gates across build, upgrade, and certification pipelines.
- Monitor evolving security threats and ensure tooling is regularly updated to detect vulnerabilities, misconfigurations, and compliance drift.
Required Skills & Experience
- 10+ years of hands-on experience in infrastructure, platform automation, and systems security.
- Primary key skills required are Python/Go/Bash scripting, OPA Rego policy writing, CI integration for Trivy & kube-bench, GitOps
- Strong knowledge and practical experience with:
- Trivy for container, filesystem, and configuration scanning
- kube-bench for Kubernetes CIS benchmark compliance
- Velero for Kubernetes-native backup and disaster recovery
- OPA/Gatekeeper for policy-as-code and admission control
- Deep understanding of GitOps workflows (e.g., Argo CD, Flux) and how to integrate security tools declaratively.
- Proven experience automating security, compliance, and backup validation in CI/CD pipelines.
- Solid foundation in Kubernetes internals, RBAC, pod security, and multi-tenant best practices.
- Familiarity with vulnerability management lifecycles and security risk remediation strategies.
- Experience with Linux systems administration, OS hardening, and secure bootstrapping.
- Proficiency in scripting languages such as Python, Go, or Bash for automation and tooling integration.
- Bonus:
- Experience with SBOMs, image signing, or container supply chain security
- Exposure to regulated environments (e.g., PCI-DSS, HIPAA, FedRAMP)
- Contributions to open-source security/compliance projects
