Sr. DevSecOps Engineer

Deltek, Inc. -
Bengaluru, Karnataka

Apply Now

Job details

1 day ago

Qualifications

Jira
Web accessibility
Spring Boot
CI/CD
Elasticsearch
Data modelling
Azure
Go
Node.js
FedRAMP
Computer Science
CSS
Software Engineering
PCI
React
Kubernetes
D3.js
GWAPT
Full-stack development
System design
Git
MongoDB
Java
Master's degree
RBAC
AWS
Docker
Cloud security
Bachelor's degree
NIST standards
PostgreSQL
Neo4j
Terraform
Continuous integration
Redis
RabbitMQ
REST
Django
GitHub
APIs
ISO 27001
Kafka
GraphQL
Flask
gRPC
Jenkins
TypeScript
GitLab
Python
Spring framework
MySQL
Identity & access management
SDLC

Full job description

As the recognized global standard for project-based businesses, Deltek delivers software and information solutions to help organizations achieve their purpose. Our market leadership stems from the work of our diverse employees who are united by a passion for learning, growing, and making a difference.

At Deltek, we take immense pride in creating a balanced, values-driven environment, where every employee feels included and empowered to do their best work. Our employees put our core values into action daily, creating a one-of-a-kind culture that has been recognized globally. Thanks to our incredible team, Deltek has been named one of America's Best Midsize Employers by Forbes, a Best Place to Work by Glassdoor, a Top Workplace by The Washington Post and a Best Place to Work in Asia by World HRD Congress. www.deltek.com

Business Summary

The Deltek Global Cloud team focuses on the delivery of first-class services and solutions for our customers. We are an innovative and dynamic team that is passionate about transforming the Deltek cloud services that power our customers' project success. Our diverse, global team works cross-functionally to make an impact on the business. If you want to work in a transformational environment, where education and training are encouraged, consider Deltek as the next step in your career!

Position Responsibilities

Role Summary
We are seeking a hands-on Full Stack Developer to design, build, and continuously evolve a suite of internal security tools and platforms — including Vulnerability Management (VM), Web Application Security (WAS) scanning orchestration, SAST/SCA/DAST integrations, threat intelligence aggregation, asset and attack-path modeling, and Secure SDLC tooling. The successful candidate will engineer scalable, well-tested, end-to-end web applications that empower security engineers, developers, and risk stakeholders across the organization to identify, triage, and remediate security risk faster. You will work at the intersection of application engineering and security engineering, embedding security automation into developer workflows and cloud platforms.

Goals & Objectives

Build and continuously improve an internal security tooling platform that consolidates vulnerability data, scan results, asset context, and remediation workflows into a single source of truth.
Develop and maintain the Vulnerability Management (VM) application — including ingestion pipelines, normalization, deduplication, risk scoring (CVSS/EPSS/contextual), SLA tracking, and reporting dashboards over very large finding datasets.
Engineer the Web Application Security (WAS) tooling — orchestration of DAST scans, authenticated scan profiles, scan scheduling, finding triage workflows, and developer ticketing integrations (Jira, Azure DevOps, GitHub Issues).
Integrate SAST, SCA, secrets-scanning, IaC scanning, and container-image scanning tools into CI/CD pipelines, and surface results through the security platform.
Model assets, identities, and relationships as a graph to power blast-radius and attack-path analysis used by remediation workflows.
Reduce manual effort for the security team by automating recurring workflows (ticket creation, exception management, evidence collection, compliance evidence) using durable workflow orchestration.
Partner with the AppSec and Cloud Security teams to operationalize Secure SDLC controls (threat modeling intake, security requirements, gating policies, paved-road templates).
Deliver a high-quality developer and analyst experience: fast, intuitive UIs handling high-cardinality data; reliable APIs; well-documented integrations; observable, resilient services.
Champion engineering best practices — code quality, automated testing, performance, accessibility, and security-by-design in everything we build.

Key Responsibilities
Full Stack Development

Design, develop, test, deploy, and maintain end-to-end features across frontend, backend, and data layers for the security tooling platform.
Build responsive, accessible web UIs using React with TypeScript, virtualized data grids, charting libraries, and real-time updates (WebSockets / Server-Sent Events) for scan progress and live findings.
Develop scalable backend services and REST APIs (OpenAPI-first) using Python (FastAPI/Django) or Node.js — including authentication, authorization (RBAC/ABAC), and audit logging.
Design relational, document, search, and analytical data models — PostgreSQL for operational data, OpenSearch/Elasticsearch for finding search, and a columnar store (ClickHouse, Snowflake, BigQuery, or Iceberg/Parquet) for analytics over billions of findings.
Build event-driven and batch data pipelines for ingesting scanner output, asset inventory, ticketing data, and threat intelligence feeds.
Implement durable workflow orchestration for scan lifecycle, ticket lifecycle, SLA timers, and evidence collection.

Qualifications

Required Skills & Experience

Education

Bachelor's or Master's degree in Computer Science, Software Engineering, Cybersecurity, or a related discipline — or equivalent professional experience.

Full-Stack Core (Must-Have)

7+ years of professional software engineering experience building production web applications end-to-end.
Strong proficiency in React (preferred) with TypeScript, modern CSS, and component libraries; experience with virtualized data grids (TanStack Table, AG-Grid) and a charting library (Recharts, D3, ECharts) for high-density security dashboards.
Strong proficiency in Python (FastAPI/Django/Flask) — preferred for this role given the security tooling ecosystem — and/or Node.js (Express/Nest). Java (Spring Boot) or Go experience is a plus.
Solid REST API design (OpenAPI-first), authentication and identity standards (OAuth 2.0, OIDC, JWT), and authorization patterns (RBAC/ABAC).
Proficiency with PostgreSQL (or MySQL) and at least one of OpenSearch/Elasticsearch, MongoDB, or Redis.
Experience with event-driven systems and message brokers (Kafka, SQS, RabbitMQ, Pub/Sub).
Strong fundamentals in data structures, algorithms, system design, and software engineering best practices (SOLID, clean architecture, testing pyramid).
Hands-on experience with Git, modern CI/CD, containerization (Docker), and at least one cloud platform (AWS, Azure, or GCP).
Hands-on experience with GitHub Actions for CI/CD pipeline development and Argo CD for GitOps-based continuous delivery to Kubernetes.
Real-time UX patterns — WebSockets or Server-Sent Events for live scan status and findings updates.

Security-Platform Engineering (Must-Have)

Working knowledge of OWASP Top 10 / OWASP ASVS and how to prevent common web vulnerabilities in code.
Understanding of the Vulnerability Management lifecycle — discovery, triage, prioritization (CVSS, EPSS, business context), remediation, and reporting.
Familiarity with common security testing tools — SAST, DAST, SCA, secrets scanning, container scanning, IaC scanning — and experience integrating at least one into a CI/CD pipeline.
Hands-on experience with durable workflow— critical for scan, ticket, and SLA lifecycle management.
Experience designing for large-scale finding/telemetry data
Understanding of Secure SDLC principles — security requirements, threat modeling, secure coding standards, security gates, and DevSecOps automation.

Cloud Security & Secure SDLC (Strongly Preferred)

Hands-on experience implementing or consuming cloud security controls — IAM least privilege, KMS/Secrets Manager, VPC design, security groups, logging (CloudTrail / Defender / Cloud Audit Logs).
Familiarity with policy-as-code authorization engines (OPA/Rego, Cedar) for both product policy and platform RBAC.
Experience integrating security tooling with CI/CD pipelines (GitHub Actions, Jenkins, Azure DevOps, GitLab CI).
Familiarity with CSPM/CNAPP tools (Qualys, Wiz, Prisma Cloud, Defender for Cloud) and CWPP concepts.
Exposure to compliance frameworks such as SOC 2, ISO 27001, PCI-DSS, FedRAMP, NIST SSDF, or NIST 800-53.
Understanding of supply-chain security concepts — SBOM, SLSA, signing, provenance.

Nice-to-Have

Graph data modeling experience (Neo4j, JanusGraph, Cypher/Gremlin) for asset and attack-path analysis.
Prior experience building internal security tools, vulnerability management platforms, or AppSec portals.
GraphQL or gRPC for internal service APIs; SAML for enterprise SSO integrations.
Contributions to open-source security projects, or security CTF / bug bounty experience.
Industry certifications such as AWS/Azure Security Specialty, CKS, CSSLP, GWAPT, OSCP, or Security+.
Production Kubernetes and Infrastructure-as-Code (Terraform, Pulumi, CloudFormation) experience.

Career Interests

Engineering

Position Type

Travel Requirements

10%

Applicant Privacy Notice

Deltek is committed to the protection and promotion of your privacy. In connection with your application for employment with us at Deltek, it is necessary for us to collect, store and use information about you (“Personal Data”) to administer and evaluate your application. We are the “controller” of the Personal Data you provide us and will process any such Personal Data in accordance with applicable law and the statements contained in this Employment Candidate Privacy Notice. Additionally, we have not sold and do not sell Personal Data you provide to us through the job application process.

Job Expires

16-Jun-2027

Apply Now

Jobseeker tools

Employer Tools

Browse

Stay Connected