Devsecops Engineer

DevOps / DevSecOps Engineer

This is a key technical role requiring strong foundations in networking, security, cloud-native application delivery, and security automation. You will be responsible for embedding security best practices throughout the development and deployment lifecycle.

Key Responsibilities:

• Design, deploy, and scale containerized applications using

  Kubernetes

  and

  Docker

  .
• Manage and optimize infrastructure primarily on

  Microsoft Azure

  , with exposure to AWS or GCP as needed.
• Build and maintain CI/CD pipelines and GitOps workflows for automated and secure deployments.
• Integrate

  security controls

  and automated security testing into CI/CD pipelines (SAST, DAST, dependency scanning).
• Ensure infrastructure reliability, scalability, cost-efficiency, and

  compliance with security

  standards.
• Implement and enforce cloud

  security best practices

  (firewalls, secrets, IAM, encryption, vulnerability management).

• Monitor

  system health, security events, and performance using logging, tracing, alerting, and SIEM tools.
• Conduct regular vulnerability assessments, threat modeling, and risk analysis.
• Collaborate with developers, ML engineers, and security teams to provision secure environments and support cloud-based AI services.
• Maintain compliance with relevant standards (e.g., SOC2, ISO 27001, GDPR) as required.

Required Skills & Experience

• 5 years in DevOps, DevSecOps, SRE, or infrastructure engineering roles.
• Strong hands-on experience with

  Kubernetes

  and

  Docker

  in production environments.
• Deep knowledge of

  cloud infrastructure

  , with a strong preference for

  Azure

  .
• Proficiency in

  infrastructure as code

  (e.g., Terraform, Bicep, Pulumi, or ARM templates).
• Solid grasp of

  networking

  ,

  DNS

  ,

  TLS

  , firewalls, secure service-to-service communication, and zero-trust principles.
• Experience integrating security tools into CI/CD (e.g., Snyk, Aqua, Trivy, Checkov).
• Familiarity with monitoring, logging, and security stacks (e.g., Prometheus, Grafana, ELK, Azure Monitor, Sentinel).
• Experience with CI/CD systems (GitHub Actions, Azure DevOps, etc.).
• Comfortable scripting in Bash, Python, or PowerShell.
• Understanding of secure SDLC, threat modeling, and vulnerability management.

Nice to Have

• Certifications in Azure (e.g., AZ-104, AZ-400), Kubernetes (CKA, CKAD), or security (e.g., CISSP, CCSP, Azure Security Engineer Associate).
• Experience with service meshes (e.g., Istio, Linkerd) or ingress controllers (NGINX, Traefik).
• Exposure to supporting AI/ML workloads (e.g., GPU provisioning, model serving).
• Knowledge of container security, secrets management (e.g., Azure Key Vault, HashiCorp Vault), and runtime security.
• Familiarity with multi-cloud or hybrid cloud strategies.
• Experience with compliance frameworks (SOC2, ISO 27001, GDPR, HIPAA).
• Experience with automated compliance as code and policy enforcement (e.g., OPA, Sentinel).