Job Title: DevSecOps
Role Overview
We are seeking an experienced candidate in DevSecOps to architect, implement, and operationalize secure CI/CD pipelines, cloud environments, Terraform-based infrastructure, and security guardrails across mobile and cloud application teams. The ideal candidate is hands‑on with GitLab pipelines, AWS cloud environments, security tooling, IaC, and performance/scalability tuning. This role will initially be an individual contributor and later grow into a small DevOps/Platform Engineering team lead.
Key Responsibilities
1. CI/CD Pipeline Engineering (GitLab)
- Architect and build GitLab CI/CD pipelines for both mobile (iOS/Android) and cloud applications.
- Develop reusable pipeline templates, shared libraries, and YAML modules for engineering teams.
- Automate environment‑specific build and deploy flows (dev, QA, UAT, prod).
- Enhance build speed, caching strategy, and parallelization for optimal performance.
2. Cloud Deployment, Operations & Security (AWS)
- Design and maintain AWS cloud accounts with strong security guardrails, including:
  - IAM roles, policy boundaries, least privilege design
  - VPC segmentation, subnets, NACLs, security groups
  - AWS Organizations & Service Control Policies (SCPs)
- Implement cost management frameworks: Budgets, cost forecasting, tagging policies, cost optimization.
- Deploy, manage, and optimize:
  - EKS / ECS clusters
  - EC2, Lambda, API Gateway
  - RDS, DynamoDB, S3, CloudFront
- Set up monitoring and observability: CloudWatch, Prometheus/Grafana, ELK/EFK
- Troubleshoot performance, reliability, scaling, and networking issues.
3. Infrastructure as Code (Terraform)
- Build and maintain Terraform modules for AWS infrastructure creation and lifecycle management.
- Implement standard IaC
- Enforce IaC best practices
- Automate AWS environment provisioning across multiple regions and workloads.
4. GitOps, Deployment Automation & Tooling
- Implement automated deployment workflows using ArgoCD or equivalent.
- Ensure alignment between Git repositories, Terraform states, and actual cloud environments.
- Define deployment strategies: Blue/Green, Canary, Rolling, Feature Flags.
- Integrate secrets management (AWS Secrets Manager, etc.).
5. Security, Compliance & Governance
- Build mandatory security steps into pipelines
- Ensure timely VAPT (Vulnerability Assessment & Penetration Testing) cycles and remediation tracking.
- Establish security guardrails:
  - Hardened AMIs/containers
  - Secure CI/CD runners
  - IAM least‑privilege enforcement
  - TLS enforcement, encryption in transit & at rest
- Define and enforce compliance with cloud security best practices.
Required Technical Skills
- Deep expertise with GitLab CI/CD (required).
- Strong proficiency in AWS: IAM, VPC, EKS/ECS, CloudFront, S3, Lambda, RDS, security controls.
- Hands-on experience with Terraform.
- Experience in continuous deployment tools.
- Understanding of mobile build pipelines for iOS/Android.
- Expert-level scripting skills: Bash, Python, YAML.
- Strong knowledge of SAST, SCA, container scanning, secrets scanning.
- Experience with:
  - Docker/Kubernetes
  - CloudWatch, ELK, Prometheus/Grafana
  - CDN, WAF, load balancers
- Knowledge of OWASP, CIS Benchmarks, AWS Well-Architected Framework.
- Experience with cost optimization tools like AWS Cost Explorer or CloudHealth.
- Familiarity with provisioning iOS/macOS runners or build agents.
- Experience with incident management, runbooks, and reliability engineering.
Soft Skills
- Strong communication, documentation, and problem-solving skills.
- Ability to collaborate across engineering, security, QA, product, and vendor teams.
- Ownership mindset and ability to lead in ambiguous and fast-moving environments.