Overview
The DevSecOps Security Engineer will embed security into modern delivery for our customer environment. Based in Chennai, India, this hands-on role partners with local Engineering/DevOps to secure CI/CD pipelines, Kubernetes workloads, runtime environments, and threat hunting activities in alignment with enterprise standards.
Key Responsibilities
A) DevSecOps Enablement
- Pipeline Security: Integrate automated scans (SAST, SCA, IaC, container) into CI/CD (GitHub, Jenkins, Argo CD); enforce quality gates and break-glass workflows.
- IaC Guardrails: Implement policy-as-code for Terraform/Helm/manifests; codify baselines, waivers, and approvals in version control.
- Kubernetes Security: Enforce admission controls; implement least-privilege RBAC, network policies, image signing/attestations, and runtime defenses.
- Secrets & Identity: Harden secrets management; align to Zero Trust and least-privilege access patterns.
- Compliance Mapping: Align detections/controls to PCI-DSS where applicable; produce audit-ready artifacts (e.g., SBOMs and attestations).
- API & Bot Security (Desired): Implement API discovery/cataloging and API threat modeling; enforce WAAP/edge/CDN policies and rate limiting; deploy bot detection/mitigation and fraud signals.
B) Observability, Runtime Protection & Threat Hunting
- Runtime Monitoring: Deploy vulnerability, misconfiguration, drift, and anomaly detection across clusters and services.
- Telemetry & Dashboards: Build real-time observability using Grafana, OpenTelemetry, and OpenSearch (or equivalent).
- Threat Hunting:
  - Conduct proactive threat hunts across cloud, Kubernetes, and application environments using logs, metrics, and security telemetry.
  - Develop and refine detection logic, playbooks, and hypotheses based on TTPs, threat intel, and incident learnings.
  - Collaborate with SOC/IR to tune alerts, reduce noise, and continuously improve detection coverage.
- IR Enablement: Partner with SOC/IR for evidence collection, triage, post-incident reviews, and improvement actions.
C) Delivery, Documentation & Stakeholders
- Execution: Own Jira epics/stories; deliver against roadmap with measurable outcomes.
- Docs & Runbooks: Maintain Confluence runbooks, playbooks, standards, and architecture diagrams.
- Communication: Provide weekly status, risk/issue tracking, and stakeholder updates (customer + internal).
Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, or a related field; advanced degree a plus.
- Hands-on DevSecOps experience across CI/CD, Kubernetes, and cloud-native platforms.
- Strong IaC security and policy-as-code (Terraform/Helm/Git-based guardrails).
- Kubernetes security (admission controls, image signing/attestations, RBAC, Pod Security admission, network policies).
- Observability experience with tools such as Grafana, OpenTelemetry, OpenSearch (or similar stacks).
- Experience with CNAPP/CSPM platforms (e.g., Prisma Cloud/Cortex Cloud and/or Wiz).
- Threat Hunting & Detection Engineering:
  - Proven experience in proactive threat hunting in cloud-native and Kubernetes environments.
  - Ability to build, tune, and maintain detections and playbooks across logging/monitoring platforms and security tools.
- API & Bot Security (Desired): API discovery/cataloging; API threat modeling; WAAP/edge/CDN policies; rate limiting; bot detection/mitigation & fraud signals. Experience with Akamai/Cequence is a plus.
- Strong troubleshooting, stakeholder communication, and cross-team collaboration skills.