DevSecOps Engineer

Understand product vision and business needs to define product requirements and product architectural solutions. Use tools and methodologies to create representations for functions and user interface of desired product Develop high-level product specifications with attention to system integration and feasibility Define all aspects of development from appropriate technology and workflow to coding standards Communicate successfully all concepts and guidelines to development team Ensure software meets all requirements of quality, security, modifiability, extensibility etc. Collaborate with other professionals to determine functional and non-functional requirements for new software or applications Provide support for production escalations and problem resolution for customers. Analyse requirements, design develop & maintain software products in alignment with the technology strategy of the organization Participate in technical reviews of requirements, specifications, designs, code and other artifacts. Ensure commitments are agreed, reviewed and met. Learn new skills and adopt new practices readily in order to develop innovative and cutting-edge software products that maintain Company's technical leadership position. Plan, develop and manage the infrastructure to enable strategic and effective use of tools. Lead the evaluation/evolution of tools/technologies/programs with input from internal teams, external developers. Proactively identifying issues and improvement opportunities. Directing resources to diagnose and resolve complex system, application software, security and related problems that impact system and availability. Required education Bachelor's Degree Required technical and professional expertise 5 to 10 years of experience in DevOps, security engineering, or related fields. Strong understanding of DevOps practices, CI/CD tools (e.g., Jenkins, GitLab CI, GitHub Actions). Hands-on experience with security tools (e.g., SonarQube, Checkmarx, Aqua, Twistlock, Snyk). Familiarity with containerization and orchestration tools (Docker, Kubernetes). Solid scripting and automation skills (Python, Bash, Terraform, etc.). Experience with cloud platforms (AWS, Azure, GCP) and their security services. Knowledge of secure SDLC and threat modeling techniques. Preferred technical and professional experience Security certifications such as CISSP, CEH, OSCP, or AWS Security Specialty. Experience with policy-as-code tools like OPA/Gatekeeper or HashiCorp Sentinel. Understanding of modern application architectures (microservices, serverless). Familiarity with regulatory compliance frameworks.