DevSecOps Engineer - Noida

DevSecOps Engineer
Experience Required: 6–8 Years
Location: Noida

Job Overview
We are seeking a seasoned DevSecOps Engineer with 6–8 years of hands-on experience in implementing security best practices across DevOps workflows. The ideal candidate will have deep expertise in ISO 27001:2022, SOC 2 Type II audits, and cloud-native security tools. You will play a critical role in integrating security into CI/CD pipelines, managing identity and access, and driving compliance across infrastructure and applications.

Key Responsibilities

• Lead and support ISO 27001:2022 and SOC 2 Type II compliance initiatives, representing DevOps and IT in audits and assessments
• Conduct monthly internal audits for User Access Management, ensuring adherence to least privilege principles and security policies
• Manage and integrate authentication mechanisms including Okta, AWS Cognito, OIDC Connect, and OAuth 2.0
• Design and maintain Enterprise Risk Matrices aligned with NIST, ISO, and CIS frameworks
• Develop and implement incident response policies and procedures to enhance organizational security posture
• Oversee security patching within release management cycles to ensure regulatory compliance
• Automate security workflows using AWS Security Hub, Inspector, Patch Manager, and EventBridge
• Build and maintain automated vulnerability mitigation tasks using AWS CodeBuild
• Use Terraform for Infrastructure as Code (IaC) to manage cloud resources securely and efficiently
• Create detailed audit reports with actionable insights to support continuous improvement
• Collaborate with cross-functional teams to translate complex security concepts into practical solutions for technical and non-technical stakeholders

Required Skills & Qualifications

• 6–8 years of experience in DevSecOps, Cloud Security, or IT Compliance
• Strong understanding of ISO 27001, SOC 2, NIST, and CIS frameworks
• Hands-on experience with AWS services, especially security tools
• Proficiency in Terraform, CI/CD pipelines, and DevOps automation
• Experience with identity and access management platforms (Okta, Cognito, etc.)
• Excellent communication and documentation skills
• Ability to work independently and lead security initiatives across teams

Preferred Qualifications

• AWS Security Specialty,
• Certified DevSecOps Professional
• Experience with container security, Kubernetes, or SAST/DAST tools
• Familiarity with SIEM platforms and security orchestration