Job Description
As a DevSecOps Engineer at CLOUDSTRATS TECHNOLOGY PVT. LTD, you will be at the forefront of integrating security practices into our continuous integration and delivery pipelines, ensuring that every piece of code and infrastructure component is built with robust protection from the outset. You will collaborate closely with software developers, security analysts, and operations teams to design automated security controls, conduct threat modeling, and implement compliance checks that align with industry standards. The role offers a dynamic, fast‑paced environment where innovative thinking is encouraged, and you will have access to cutting‑edge tools and continuous learning opportunities to deepen your expertise in cloud platforms, container orchestration, and security automation. By embedding security into the DevOps culture, you will directly influence the reliability and trustworthiness of our products, delivering tangible value to both the organization and its customers.
Requirements:
- 3+ years of experience in DevOps / DevSecOps / CI-CD Engineering.
- Strong hands-on expertise with GitLab CI/CD, Docker, Kubernetes.
- Experience integrating tools such as SonarQube, Snyk, OWASP ZAP, Trivy or similar.
- Proficiency in scripting using Bash / Python / PowerShell.
- Strong understanding of OWASP Top 10, secure coding, and application security principles.
- Experience with Identity & Access Management (IAM), secrets management, and secure configuration controls.
- Familiarity with release engineering, artifact repositories, and environment management.
- Strong troubleshooting, automation, and problem-solving skills.
Roles and Responsibilities:
- Design and manage secure CI/CD pipelines using GitLab with integrated security scanning and policy enforcement.
- Implement DevSecOps practices by embedding security checks across Build, Test, and Deployment stages.
- Integrate tools for SAST, DAST, Dependency Scanning, Container Scanning, and Secrets Detection.
- Manage container security for Docker and orchestration platforms like Kubernetes.
- Define and enforce secure coding, repository, branch protection, approvals, and access control policies.
- Automate security checks, compliance validation, and audit logging within CI/CD workflows.
- Collaborate with Development and Infra teams to remediate vulnerabilities and improve security posture.
- Manage secrets, credentials, certificates, and secure configurations across environments.
- Support release management with secure and compliant deployment processes.
- Monitor pipelines and systems for vulnerabilities, risks, and misconfigurations.
- Maintain documentation for security controls, processes, and audits.
Budget:
- Maximum Budget: ₹35,000 per month
- Job Type: Payroll
- Experience Range: 3to 4 years
Pay: ₹30,000.00 - ₹35,000.00 per month
Work Location: In person
