strictly NCR only
INTERVIEW FACE TO FACE
NO VIRTUAL - PLEASE APPLY IF YOU ARE AVAILABLE FOR FACE TO FACE
We are seeking a skilled DevSecOps Engineer to design, implement, and maintain secure CI/CD pipelines, automate security testing, and ensure secure software delivery across cloud and on-premises environments. The ideal candidate will collaborate with Development, Security, and Operations teams to integrate security throughout the Software Development Life Cycle (SDLC).
Key Responsibilities
- Design, implement, and maintain secure CI/CD pipelines.
- Integrate security controls into the software development lifecycle (DevSecOps).
- Perform Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and secret scanning.
- Conduct vulnerability assessments and coordinate remediation activities.
- Secure containerized applications using Docker and Kubernetes.
- Implement Infrastructure as Code (IaC) security using Terraform, CloudFormation, or Ansible.
- Configure and manage cloud security controls on AWS, Azure, or Google Cloud Platform.
- Implement Identity and Access Management (IAM), encryption, secrets management, and key management.
- Monitor security events using SIEM, logging, and monitoring solutions.
- Automate security compliance and policy enforcement.
- Perform security reviews for application architecture and deployments.
- Support incident response, forensic analysis, and security investigations.
- Ensure compliance with industry standards such as ISO 27001, CIS Benchmarks, NIST, PCI DSS, or similar frameworks.
- Create technical documentation, SOPs, and security guidelines.
- Collaborate with cross-functional teams to improve overall security posture.
Required Technical Skills
- Linux Administration
- Git, GitHub, GitLab, Bitbucket
- Jenkins, GitHub Actions, GitLab CI/CD, Azure DevOps
- Docker and Kubernetes
- Terraform, Ansible, CloudFormation
- AWS, Microsoft Azure, or Google Cloud Platform
- SonarQube, Checkmarx, Semgrep
- OWASP ZAP, Burp Suite
- Trivy, Clair, Grype
- Snyk, OWASP Dependency-Check
- Gitleaks, TruffleHog
- SIEM tools (Splunk, ELK Stack, Wazuh)
- Prometheus and Grafana
- Python, Bash, PowerShell scripting
Required Knowledge
- DevSecOps practices and SDLC
- Secure coding principles
- OWASP Top 10
- API Security
- Identity & Access Management (IAM)
- OAuth, SAML, JWT
- SSL/TLS, PKI, Cryptography
- Network Security
- Vulnerability Management
- Threat Modeling
- Incident Response
- Compliance Frameworks (ISO 27001, NIST, CIS)
Educational Qualification
- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or a related field.
- Relevant certifications are preferred.
Preferred Certifications
- Certified Kubernetes Security Specialist (CKS)
- Certified Kubernetes Administrator (CKA)
- AWS Certified Security – Specialty
- Microsoft Certified: Azure Security Engineer Associate
- Certified Information Systems Security Professional (CISSP)
- CompTIA Security+
- Certified Ethical Hacker (CEH)
- GIAC Security Certifications (Preferred)
Experience
- 5–8 years of experience in DevOps, Cloud Engineering, or DevSecOps.
- Experience with CI/CD pipeline implementation and security automation.
- Hands-on experience with container security, cloud security, and vulnerability management.
- Experience working in Agile and DevOps environments.
Soft Skills
- Strong analytical and troubleshooting skills.
- Excellent communication and documentation abilities.
- Ability to work independently and in cross-functional teams.
- Strong problem-solving and decision-making skills.
- Ability to manage multiple priorities in a fast-paced environment.
Pay: ₹60,000.00 - ₹100,000.00 per month
Work Location: In person