Company Profile:
Founded in 1976, CGI is among the largest independent IT and business consulting services firms in the world. With 94,000 consultants and professionals across the globe, CGI delivers an end-to-end portfolio of capabilities, from strategic IT and business consulting to systems integration, managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at cgi.com.
Job Title: Senior DevSecOps Engineer
Position: Senior DevSecOps Engineer
Experience: 6 - 9 Years
Category: IT Infrastructure
Main location: Bangalore
Position ID: J0726-0175
Role Purpose
As a Senior DevSecOps Engineer within the ASL team, candidate will be responsible for designing, securing, and scaling DevSecOps platforms and pipelines that enable secure-by-design software delivery across Amadeus. The role focuses on integrating security controls into CI/CD ecosystems, strengthening platform resilience, and supporting enterprise-wide Application Security and SDL initiatives.
________________________________________
Degree Expectation
- Bachelor’s or Master’s degree in Computer Science, Engineering, Systems Engineering, or equivalent
- Cloud certifications (Azure preferred; AWS/GCP acceptable) are highly recommended
________________________________________
Experience Expectation
- 5–8+ years of experience in DevSecOps / SRE / Platform Engineering
- Proven experience in secure CI/CD implementation, cloud environments, and automation at scale
- Exposure to application security practices (e.g., SAST, DAST, container security, secrets management) in enterprise environments
________________________________________
Key Responsibilities
- Architect, implement, and secure CI/CD pipelines (GitHub, GitLab, Jenkins) integrating automated security controls aligned with ASL/SDL requirements
- Operate and secure containerized platforms (Docker, Kubernetes) with strong adherence to DevSecOps and cloud security best practices
- Design and manage secure cloud-native architectures (preferably Microsoft Azure), including identity, networking, and platform security controls
- Implement and maintain DevSecOps toolchains, integrating security scanning solutions (SAST, DAST, SCA, container scanning) into build and release processes
- Develop and manage Infrastructure as Code (Terraform, Helm) to enable compliant, repeatable, and automated environment provisioning
- Ensure observability and reliability through logging, monitoring, alerting, and incident response frameworks for production-grade systems
- Automate operational workflows and security controls using Python scripting and platform automation techniques
- Enable data-driven decision making by developing dashboards and insights using Power BI (or similar tools), aligned with ASL KPIs and security metrics
- Leverage platforms such as Microsoft Fabric (or equivalent) for data integration, pipeline orchestration, and analytics
- Collaborate with Security, SDL, and Product teams to enforce secure development practices and improve overall application security posture
- Support high-availability and resilient systems, ensuring continuous, secure service delivery across environments
________________________________________
Deliverables / Expected Outcomes
- Fully automated, secure CI/CD pipelines with embedded security controls aligned to ASL standards
- Improved application security posture, with consistent adoption of DevSecOps and secure SDLC practices
- Highly available, scalable, and resilient DevSecOps platforms and toolchains
- Increased deployment velocity and operational efficiency through automation and standardization
- Enhanced observability and incident response readiness across platforms
- Actionable security and operational insights dashboards supporting governance, audits, and KPI tracking
- Strong alignment with CISO ASM strategy, enabling secure-by-default engineering practices across Amadeus
________________________________________
Key Competencies
- DevSecOps mindset with strong security-first approach
- Deep expertise in CI/CD, containers, cloud, and IaC
- Strong problem-solving and production support capabilities
- Ability to operate in a large-scale, enterprise, multi-stakeholder environment
- Excellent collaboration with global Security, SDL, and Engineering teams
Working experience with SAFe Agile framework will be a plus.
Life at CGI:
It is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons
Come join our team, one of the largest IT and business consulting services firms in the world.