DevSecOps Engineer – Lead

Client: Domestic (Delhi-based client)
Experience required: To be eligible for this position, a minimum of 7 years of experience in Linux Administration is required.
Project Duration: 1 year. Renewal: Not known
Client Onsite: Noida, Okhla phase 2. New Delhi.
Employment Type: Full-Time / Payroll (Project-based clause) /Contractual ( I year) (Notice period 45 days)

Job Overview:

We are looking for a DevOps Engineer with a minimum 7 years of experience in building, managing, and automating DevOps pipelines and deployments on selfmanaged infrastructure.

This role demands hands-on experience with at least 2 tools from the following stack:

• Jenkins / CloudBees Jenkins
  
• Docker
  
• JFrog Artifactory
  
• SonarQube
  
• GitHub Enterprise

The candidate should be comfortable working in Linux environments, automating tasks with scripts, and configuring the DevSecOps ecosystem at an infrastructure and pipeline level.

Key Responsibilities & Expected Configuration Knowledge

Jenkins / CloudBees Jenkins:

• Design and write Jenkins file for pipeline-as-code (declarative or scripted)
• Create multi-branch pipelines
• Configure build triggers (SCM/webhook/cron), post-build actions, and shared libraries
• Install and configure Jenkins plugins (e.g., Git, SonarQube Scanner, Artifactory)
• Set up Jenkins agents (static or dynamic)
• Store build artifacts and test results
• Monitor and troubleshoot builds via console output and logs

Docker:

• Write and maintain Dockerfiles for application packaging
• Use docker-compose for local testing environments
• Build and tag images via Jenkins pipeline
• Push/pull images to/from JFrog Artifactory Docker registry
• Implement security best practices: base image validation, multi-stage builds, image cleanup automation

SonarQube:

• Configure SonarQube for Java/Maven (or .NET) projects
• Generate and analyze reports on code smells, vulnerabilities, bugs
• Enforce quality gates in Jenkins using sonarScanner CLI or plugin
• Set up project-level and global rulesets
• Manage access control and authentication

JFrog Artifactory:

• Set up and manage local repositories for Maven, Docker, and npm
• Configure virtual repositories for aggregation
• Implement artifact retention policies
• Automate artifact uploads from Jenkins using Artifactory plugin, REST API, or CLI
• Set user/group/permission targets for access control

GitHub Enterprise:

• Manage repositories, create branches, handle pull requests
• Configure branch protection rules and merge checks
• Implement webhook triggers to integrate with Jenkins
• Resolve merge conflicts and apply GitFlow or trunk-based workflows

Linux & Scripting:

• Navigate and manage Linux file systems
• Write Bash, Python, or PowerShell scripts for automation
• Configure log rotation and cleanup for Jenkins, SonarQube, Artifactory
• Set up reverse proxies (Nginx/Apache) if needed
• Review and troubleshoot logs in /var/log, /opt/Jenkins, or containers

• Integrate security scans (SAST, DAST, dependency scans) into CI/CD pipelines.
• Automate vulnerability detection and remediation using tools like SonarQube, Snyk, Checkmarx, and JFrog Xray.
• Secure code, containers, and cloud infrastructure with regular audits.
• Manage secrets and credentials using Vault or cloud key management services.
• Implement RBAC and least privilege access across DevOps tools.
• Ensure secure configuration and patching of servers, containers, and environments.
• Monitor pipelines and deployments for security incidents and compliance issues.
• Use trusted repositories and signed artifacts to prevent supply chain risks.
• Collaborate with development and operations teams to fix vulnerabilities early.
• Promote a security-first culture and continuous improvement in DevOps practices

Tools & Technologies (Hands-on Expectation):

CI/CD: Jenkins (CloudBees), GitHub Webhooks
SCM: GitHub Enterprise
Containers: Docker, Docker Compose
Quality: SonarQube
Artifacts: JFrog Artifactory (Maven + Docker)
Scripting: Bash, Python, PowerShell
OS: Linux (Ubuntu/CentOS), Windows (for .NET if applicable)
Build Tools: Maven, Gradle, dotnet CLI

Minimum Requirements:

• 7+ years total experience
• 4+ years hands-on with the following: Jenkins, Docker, SonarQube, JFrog Artifactory, GitHub Enterprise
• Clear understanding of DevSecOps workflows, not just tool usage
• Must be able to explain what they have configured and automated in each tool

Preferred Skills (Nice to Have):

• Exposure to infrastructure-as-code tools (e.g., Ansible, Terraform)
• Awareness of DevSecOps practices
• Experience with monitoring tools (Grafana, Prometheus, Nagios)
• Experience integrating .NET Core apps (IIS or Kestrel hosting)
• Code-level security

Candidate Submission Instruction:

To apply, candidates must:

• Include a detailed CV that lists DevOps tools used
• Clearly explain what configurations/implementations were done by them during the project (not their team)
  • An extended CV
  • Or a separate email/document that describes tool-by-tool hands-on experience

Note: Applications without actual hands-on configuration details will not be shortlisted.