DevOps Engineer

Job Title: Senior DevSecOps Engineer (On-Premise) Location: On-Premise / Native Cloud Environments Experience: 5+ years DevOps, with 3+ years in DevSecOps Education: Bachelor’s in Computer Science, Engineering, or related field   Role OverviewAs a Senior DevSecOps Engineer, you will embed security throughout our software delivery lifecycle, working closely with Development, Operations, and Security teams. You’ll design, build, and maintain on-premise DevSecOps tooling and processes that drive secure, reliable, and scalable deployments—accelerating delivery without compromising security.   Key Responsibilities·     Security-First Advocacy ·     Champion DevSecOps best practices across teams ·     Deliver training, documentation, and hands-on guidance ·     Secure CI/CD Pipelines ·     Architect & maintain Jenkins and GitLab pipelines ·     Integrate static & dynamic analysis (SonarQube, OWASP ZAP) ·     Git Release Management ·     Define and enforce Git branching strategies (release branches, hotfixes) ·     Tagging, migration, backup, and recovery workflows in GitLab ·     Troubleshoot merge conflicts, pipeline failures, and repository issues ·     Infrastructure as Code (IaC) ·     Develop Ansible playbooks or Terraform modules(Preferable) ·     Ensure idempotent, version-controlled infrastructure builds ·     Container Orchestration & Management ·     Operate and scale Kubernetes clusters (Helm, custom charts) ·     Harden container runtime security (runtime policies, network segmentation) ·     Vulnerability Management ·     Configure and automate scans with Clair, Trivy, OWASP Dependency Check ·     Triage findings and drive remediation in development workflows ·     Secrets & Artifact Management ·     Implement GitSecrets/TruffleHog to prevent credential leaks ·     Administer Nexus for secure artifact storage ·     Security Automation & Tooling ·     Build scripts to integrate security checks into every pipeline stage ·     Automate compliance reporting and alerting ·     Monitoring & Observability ·     Design and maintain dashboards in Grafana for CI/CD, infrastructure, and application metrics ·     Configure alerting and incident response workflows based on Prometheus, Loki, ELK, etc. ·     Microservices & Data Platforms ·     Oversee deployment of Python/Java microservices on Kubernetes ·     Secure Kafka clusters and Redis instances for high-throughput data flows ·     Continuous Improvement ·     Evaluate emerging security tools and process improvements ·     Maintain up-to-date runbooks, playbooks, and incident response procedures   Required Qualifications·     Technical Expertise (Essential): ·     Kubernetes & Helm (3+ years) ·     Jenkins/GitLab CI & SonarQube (2+ years) ·     Ansible & Terraform (IaC) (2+ years) ·     Linux administration (3+ years) ·     Vulnerability scanning: Clair, Trivy, OWASP Dependency Check (2+ years) ·     Git branching, tagging, backup and recovery, and GitLab troubleshooting (2+ years) ·     Scripting/automation (Python, Bash, Groovy) (3+ years) ·     Artifact management: Sonatype Nexus (2+ years) ·     Monitoring & Observability: ·     Grafana dashboard design and Prometheus-based alerting (2+ years) ·     Soft Skills: ·     Excellent communication and collaboration ·     Strong problem-solving orientation ·     Ability to mentor and upskill cross-functional teams   Preferred / Plus·     Prior experience in fully air-gapped or offline environments ·     Hands-on with Kafka and Redis in production (1+ year) ·     Knowledge of ZOT or other private container registries