Cybersecurity & DevOps Engineer

Cybersecurity & DevOps Engineer

Location:

Role Summary

Cybersecurity & DevOps Engineer

The ideal candidate is comfortable working independently, setting standards from the ground up, and collaborating closely with developers to ensure secure, reliable, and scalable application delivery.

Key Responsibilities

Application & Code Security

• Own and enforce

  secure coding practices

  for PHP and Laravel applications
• Review application architecture and code changes with a security-first mindset
• Ensure protection against common vulnerabilities including SQL injection, XSS, CSRF, insecure authentication, and API exposure
• Define and maintain internal

  secure development guidelines

Security Automation & Testing

• Implement and manage

  automated security scanning tools

  , including:
• Static code analysis (SAST)
• Dependency and vulnerability scanning
• Integrate security checks into

  GitHub repositories and CI workflows

• Perform

  periodic penetration testing

  and vulnerability assessments
• Document findings clearly and work with development teams on remediation

DevOps & Infrastructure (Foundational Level)

• Manage secure deployment workflows for development, staging, and production environments
• Support CI/CD pipelines and application releases
• Maintain secure server access, secrets management, and environment configuration
• Monitor logs and systems for security-related events and anomalies

Security Ownership & Governance

• Act as the

  single point of ownership

  for cybersecurity within the organization
• Define and maintain security best practices, access controls, and incident response procedures
• Support security readiness for client requirements or audits when needed
• Provide security awareness guidance to developers and technical staff

Required Skills & Experience

Technical

• Strong understanding of

  web application security principles

• Hands-on experience securing

  PHP / Laravel applications

• Familiarity with

  GitHub workflows

  , pull requests, and CI/CD pipelines
• Experience using security tools for:
• Code scanning
• Dependency vulnerability management
• Web application testing
• Basic DevOps knowledge:
• Linux environments
• Cloud infrastructure (AWS, DigitalOcean, or similar)

Professional

• Ability to work

  independently with minimal supervision

• Comfortable being the

  sole security and DevOps owner

• Strong documentation and communication skills
• Practical, solution-oriented approach to security challenges
• High level of integrity, accountability, and attention to detail

Preferred Qualifications

• 36 years of experience in application security, DevOps, or hybrid roles
• Knowledge of

  OWASP Top 10

• Exposure to compliance frameworks (PCI-DSS, SOC-2) is a plus
• Basic experience with Docker or infrastructure automation is desirable

Working days: Monday to Friday

Working Hours : 9AM to 6PM