DevSecOps Engineer-AI Labs

Purpose/Objective

The DevSecOps Engineer – AI Labs is responsible for implementing security practices within the DevOps pipeline, ensuring secure, efficient, and scalable cloud and on-premise infrastructure. Reporting to the Lead - DevSecOps, this role focuses on deploying and automating security controls, monitoring infrastructure for vulnerabilities, optimizing CI/CD security, and supporting FinOps cost optimization efforts. The position requires hands-on experience in security automation, cloud security tools, and DevOps best practices, ensuring AI-driven applications remain secure, compliant, and cost-efficient.

Key Responsibilities of Role

DevSecOps Engineer-AI Labs CI CD Security & Automation: Implement security automation within CI CD pipelines, ensuring real-time threat detection and remediation. Integrate security testing tools (SAST, DAST, SCA) into DevOps workflows, reducing vulnerabilities in software releases. Develop Infrastructure as Code (IaC) security policies using Terraform and Kubernetes, enforcing compliance from deployment to runtime. Monitor and enhance container security, ensuring secure deployment and runtime configurations. Cloud & Infrastructure Security: Deploy security controls across cloud environments (Azure, GCP, Akamai) to protect AI-driven applications from cyber threats. Implement network security best practices, securing VPCs, firewalls, and access control policies. Enhance cloud security posture by configuring compliance tools (CSPM, SIEM, IDS IPS) for real-time security monitoring. Support automated patching and security hardening of cloud and on-prem infrastructure. FinOps & Cost Monitoring Support: Assist in cloud cost monitoring and optimization, ensuring efficient resource utilization and cost reduction. Analyze infrastructure spending patterns and provide insights to prevent unnecessary cost escalations. Optimize storage, compute, and networking resources to balance performance and cost efficiency. Support implementation of automated scaling policies, reducing idle resource consumption. Compliance & Risk Mitigation: Ensure adherence to industry security standards (ISO 27001, NIST, GDPR, CCPA) by implementing compliance automation. Perform regular vulnerability assessments and penetration testing, documenting risks and mitigation steps. Monitor audit logs, access controls, and security configurations, ensuring compliance with enterprise security policies. Assist in incident response and security investigations, ensuring rapid containment and resolution. Collaboration & Continuous Improvement: Work closely with developers, operations, and security teams to improve security integration within software development lifecycles. Participate in security awareness training, enabling teams to follow DevSecOps best practices. Contribute to technical documentation and knowledge sharing, ensuring consistent security implementations across projects. Continuously evaluate emerging security threats, recommending improvements to security frameworks. Key Stakeholders - Internal AI & Data Science Teams Cloud & DevOps Teams IT Security & Compliance Teams Engineering & Product Teams Key Stakeholders - External Cloud Security & DevOps Vendors (Azure, GCP, Akamai, Terraform, Jenkins) Security Auditors & Penetration Testing Firms DevSecOps Open-Source & Industry Communities

Technical Competencies

Database Management & Optimization-SDIL,Frontend Engineering & Experience Optimization-SDIL,Responsive Design & Cross-Browser Compatibility-SDIL

Qualifications and Experience

Educational Qualification: Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Engineering, or related fields. Certification: Certified Kubernetes Security Specialist (CKS) AWS Certified Security – Specialty Google Professional Cloud Security Engineer Microsoft Azure Security Engineer Associate Certified Ethical Hacker (CEH) CISSP CompTIA Security+ HashiCorp Certified: Terraform Associate Certified DevSecOps Professional (CDP) Work Experience (Range of years): 1-10 years of experience in DevSecOps, cloud security, and AI infrastructure security.