Company Description
We're Nagarro.
We are a Digital Product Engineering company that is scaling in a big way! We build products, services, and experiences that inspire, excite, and delight. We work at a scale — across all devices and digital mediums, and our people exist everywhere in the world (18500+ experts across 40 countries, to be exact). Our work culture is dynamic and non-hierarchical. We are looking for great new colleagues. That is where you come in!
Job Description
Requirements
-
Experience : 7.5+ years
-
Strong software engineering experience with good hands-on experience developing AI/ML or security automation solutions.
-
Strong programming expertise in Python with hands-on experience using libraries such as Scikit-learn, PyTorch, Pandas, and NumPy.
-
Experience developing AI-powered applications involving machine learning, large language models (LLMs), automation, or intelligent workflows.
-
Strong understanding of DevSecOps practices and hands-on experience with security tools including SAST, SCA, secrets detection, IaC scanning (Checkov, Terrascan), and container image scanning (Trivy).
-
Experience integrating security automation into CI/CD platforms such as Azure DevOps, GitHub Actions, Jenkins, or GitLab CI.
-
Hands-on experience with Docker, Kubernetes (AKS/EKS preferred), and container security best practices.
-
Working knowledge of policy-as-code frameworks such as OPA/Rego and Kubernetes security enforcement.
-
Experience with LLM APIs including Azure OpenAI or OpenAI, along with prompt engineering, Retrieval-Augmented Generation (RAG), and AI-assisted code analysis.
-
Experience building REST APIs and microservices using FastAPI or Flask.
-
Familiarity with cloud platforms such as Microsoft Azure, AWS, or Google Cloud Platform and cloud-native security concepts.
-
Knowledge of Infrastructure-as-Code technologies including Terraform, ARM templates, and Helm.
-
Experience with secrets management solutions such as HashiCorp Vault or Azure Key Vault.
-
Understanding of MLOps practices, model deployment, monitoring, drift detection, and CI/CD for machine learning solutions.
-
Experience working with event-driven architectures and messaging platforms such as Azure Event Hub, AWS EventBridge, or Google Cloud Pub/Sub.
-
Familiarity with cloud security platforms such as Prisma Cloud, Wiz, Aqua Security, or Snyk is an advantage.
-
Exposure to LangChain, Semantic Kernel, AutoGen, or similar AI orchestration frameworks is desirable.
-
Knowledge of GitOps tools such as ArgoCD or Flux and policy frameworks including HashiCorp Sentinel or Cedar is preferred.
-
Experience integrating security tools with platforms such as Jira, ServiceNow, or Azure Sentinel SOAR is an added advantage.
-
Strong analytical, troubleshooting, and problem-solving skills with the ability to develop scalable and secure enterprise solutions.
-
Excellent communication and collaboration skills with experience working in Agile and cross-functional development environments.
-
Bachelor's degree in Computer Science, Information Technology, Engineering, MCA, or a related field.
-
Security certifications such as CompTIA Security+, CEH, CKS, SC-200, or cloud security certifications (AZ-900, AWS Security Specialty, GCP Professional Cloud Security Engineer) are desirable.
Responsibilities
-
Design, develop, and maintain AI-powered automation solutions that integrate security into CI/CD pipelines and the software development lifecycle.
-
Build intelligent security automation for CI/CD platforms such as Azure DevOps, GitHub Actions, Jenkins, and GitLab CI, implementing policy-as-code, security gates, and pre-merge vulnerability checks.
-
Develop machine learning models to detect pipeline anomalies, including suspicious code commits, dependency changes, and build integrity violations.
-
Build and enhance LLM-powered remediation assistants for Infrastructure-as-Code (IaC) using Terraform, ARM templates, Helm charts, Checkov, and Terrascan.
-
Develop Retrieval-Augmented Generation (RAG) pipelines leveraging internal security policies, compliance standards, and hardening guidelines to provide contextual remediation recommendations.
-
Design and implement agentic AI workflows that orchestrate multiple security tools, consolidate scan results, prioritize findings, and automate ticket creation.
-
Develop NLP-based solutions to parse, classify, summarize, and analyze security scan outputs across diverse tools and report formats.
-
Build scalable RESTful APIs and microservices using FastAPI or Flask to expose AI-powered DevSecOps capabilities.
-
Develop integrations between security platforms, enterprise SIEM/SOAR solutions, ticketing systems, and developer platforms.
-
Automate container and Kubernetes security workflows, including image scanning, runtime security monitoring, and policy enforcement using OPA/Gatekeeper.
-
Build event-driven automation pipelines leveraging cloud-native messaging services for real-time security event processing.
-
Develop dashboards and reporting solutions to monitor security posture, remediation metrics, SLA compliance, and pipeline health.
-
Write unit tests, integration tests, and participate in peer code reviews to ensure code quality and reliability.
-
Monitor deployed AI models and automation services, implement model performance monitoring, drift detection, and automated retraining processes.
-
Maintain CI/CD pipelines for AI model deployment using MLOps platforms such as Azure ML, MLflow, or equivalent technologies.
-
Prepare technical documentation including API specifications, architecture diagrams, integration patterns, operational runbooks, and data models.
-
Collaborate with engineering, DevSecOps, cloud, and security teams to continuously improve automation reliability, security coverage, and developer experience.
Qualifications
Bachelor’s or master’s degree in computer science, Information Technology, or a related field.
