Sr. DevSecOps Engineer

🋠Role : Sr. DevSecOps Engineer

We are seeking a highly skilled Senior DevSecOps Engineer with 4 to 7 years of experience to join our Digital Enterprise team. In this role, you will be the driving force behind shifting security left across our entire software development lifecycle (SDLC). You will bridge the gap between development, operations, and security teams by designing, building, and maintaining secure, automated, and observable cloud-native pipelines. The ideal candidate has deep technical execution skills in infrastructure-as-code (IaC), continuous integration/continuous deployment (CI/CD), and advanced vulnerability management.

Core Responsibilities

• Pipeline Security Automation: Integrate and automate security gates into CI/CD pipelines (e.g., SAST, DAST, SCA, and secrets scanning) without slowing down standard delivery cadences.
• Infrastructure as Code (IaC): Design, implement, and maintain highly secure cloud environments using code orchestration tools.
• Container & Orchestration Security: Harden, deploy, and troubleshoot containerized architectures and microservices while implementing admission control policies.
• Secrets Management: Architect and manage enterprise secrets, cryptographic keys, and credential rotation workflows.
• Policy & Compliance Automation: Implement Policy-as-Code to dynamically block insecure cluster deployments and gather compliance evidence for regulatory audits.
• Threat Modeling & Governance: Lead proactive threat-modeling reviews during early system architecture designs to identify systemic risks.
• Collaboration & Culture: Coach development teams on secure coding standards, triage vulnerabilities, and conduct joint incident responses.

Technical Skills Matrix

Category

Required Technologies & Skills

Cloud Platforms

AWS, Azure, or GCP (Advanced identity management and network isolation)

CI/CD Tools

GitHub Actions, GitLab CI, Jenkins, or Azure DevOps

Infrastructure as Code

Terraform, OpenTofu, Ansible, or CloudFormation

Containers & Orchestration

Docker, Kubernetes, Helm, and GitOps engines (Argo CD or Flux)

Security Tooling

Snyk, Semgrep, Trivy, Checkov, Veracode, SonarCloud, or Gitleaks

Secrets & Identity

HashiCorp Vault, Cloud KMS, OAuth2, JWT, and CyberArk

Scripting & Automation

Python, Bash, Go, or PowerShell

Observability

Prometheus, Grafana, Loki, or OpenTelemetry protocols

Experience & Qualifications

• Overall Experience: Minimum 4 to 7 years of dedicated experience in DevOps, DevSecOps, or Platform/Cloud Security engineering.
• Production Scale: Proven history of owning and securing production cloud pipeline end-to-end at enterprise scale.
• Framework Familiarity: Strong understanding of security compliance standards like SOC 2, ISO 27001, NIST, or OWASP top 10.
• Problem Solving: Excellent debugging capability across complex Unix/Linux networking layers and distributed systems.

Preferred (Nice-to-Have) Qualifications

• Relevant certifications: AWS Certified Security Specialty, Certified Kubernetes Security Specialist (CKS), or CISSP.
• Exposure to automated incident triage workflows or AIOps/MLOps validation pipelines.

Soft Skills

• Clear Communicator: Ability to explain deep technical vulnerabilities and operations issues to business stakeholders and developers alike.
• Mentorship Mindset: Passionate about running secure-code workshops and upskilling junior engineers on security policies.
• Cross-Functional Partner: Adept at finding consensus between the friction of strict security controls and the speed of developer productivity.