Devsecops Engineer

Job Description

Role Overview: This role focuses on integrating security best practices into CI/CD pipelines and production system deployments, ensuring security is embedded throughout the software development lifecycle. As a DevSecOps Engineer, you will work closely with architecture, development, and operations teams to make security a shared responsibility across all stages of software development and deployment. Your primary responsibility will be implementing security best practices, testing, and automation tools into CI/CD pipelines and production environments using industry-standard tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and other security mechanisms. Key Responsibilities : Security Integration into DevOps: Collaborate with development and operations teams to integrate security practices into every stage of the software development lifecycle, from code creation to deployment. CI/CD Pipeline Security: Configure, implement, and manage security tools and automation in CI/CD pipelines to detect vulnerabilities early in the development process. Security Testing: Use SAST and DAST tools to automate security testing for code and applications. Continuously monitor security scans, report findings, and recommend remediation strategies. Automation & Process Improvement: Continuously enhance and automate security processes to deliver secure software efficiently while minimizing manual intervention. Experience Required: 3+ years of experience in DevOps or a similar role focused on integrating security into CI/CD processes. Proven experience implementing and configuring security tools such as SAST, DAST, and other automation tools. Strong hands-on experience with CI/CD tools and languages (e.g., Jenkins, Groovy, Git, Python, Bash) for pipeline automation. Proficiency in cloud-native deployments and management (e.g., Helm, Kustomize), Kubernetes objects, and cluster debugging. Familiarity with Infrastructure as Code (IaC) tools like Terraform and Ansible. Knowledge of CIS benchmark recommendations and system hardening practices. Curious? Apply now :-cognyte.70.75E@applynow.io