DevSecOps Engineer

4 years

0 Lacs

Posted:1 day ago| Platform: Linkedin logo

Apply

Work Mode

On-site

Job Type

Full Time

Job Description

About the Role:

DevSecOps Engineer

The ideal candidate is passionate about automation, prevention-focused, and experienced in building scalable security controls within fast-paced engineering environments.


Key Responsibilities


1. Secure DevOps & Control Enforcement

  • Monitor CI/CD pipelines (e.g., AWS Code Pipeline, GitHub Actions) for policy violations, secret exposures, and insecure configurations.
  • Analyze and interpret results from security tools like

    SAST

    ,

    DAST

    ,

    IAST

    (e.g., SonarQube, Check Marx, OWASP ZAP, Dependency-Check).
  • Perform vulnerability triage on container scan reports and provide remediation guidance (e.g., base image hardening).
  • Conduct Infrastructure-as-Code (IaC) security reviews (Terraform, CloudFormation) to detect misconfigurations pre-deployment.
  • Enforce security guardrails within pipeline configurations (e.g., code signing, mandatory static analysis steps).
  • Monitor logs and security dashboards for anomalies in production and staging environments.
  • Provide real-time support for security events within the CI/CD or cloud infrastructure.


2. Security Automation & Collaboration

  • Implement automated security controls across CI/CD pipelines and track vulnerability status using tools like JIRA.
  • Develop scripts and automation for preventive controls and repeatable security checks (e.g., Python, Bash, Groovy).
  • Work closely with development and platform teams to promote secure coding, library hygiene, and secure deployment practices.
  • Participate in threat modeling, design reviews, and secure architecture discussions for new or evolving services.
  • Maintain clear documentation including playbooks, tool configurations, and developer security guidelines.
  • Evaluate and conduct POCs for emerging security tools, integrating effective solutions into the SDLC.


Ongoing Contributions

  • Track remediation SLAs for high-priority vulnerabilities in deployed applications.
  • Audit CI/CD pipelines for insecure bypasses or outdated security controls.
  • Review source code repository settings (branch protections, token scopes, access control).
  • Facilitate developer training and workshops on secure coding practices.
  • Update and maintain DevSecOps dashboards and metrics in collaboration platforms (e.g., JIRA, Confluence).
  • Contribute to post-incident reviews and drive continuous improvement of security response processes.


Qualifications & Experience

  • 2–4 years

    of hands-on experience in

    DevSecOps, Application Security, or Security Engineering

    .
  • Strong knowledge of

    CI/CD pipelines

    , version control systems, and security toolchains.
  • Practical experience with scripting languages (e.g., Python, Bash) and pipeline configurations (e.g., YAML).
  • Familiarity with

    cloud-native

    infrastructure (AWS, Azure, GCP) and associated security controls.
  • Understanding of security frameworks and standards (e.g.,

    OWASP Top 10

    ,

    SANS CWE 25

    ,

    NIST

    ,

    CIS

    ).
  • Experience with container security (Docker, Kubernetes) and vulnerability management.


Soft Skills & Attributes

  • Detail-oriented, with a strong focus on proactive security and automation.
  • Able to collaborate effectively across engineering, QA, and operations teams.
  • Strong analytical and problem-solving skills within dynamic DevOps environments.
  • Excellent communication and technical documentation abilities.
  • Self-driven, curious, and eager to stay ahead of evolving security challenges.


Why Join Us?

  • Work in a security-first culture with modern tech stacks.
  • Be at the forefront of securing cloud-native applications.
  • Collaborate with passionate professionals across engineering and security.
  • Grow in a role that offers continuous learning and impact.


Mock Interview

Practice Video Interview with JobPe AI

Start DevOps Interview
cta

Start Your Job Search Today

Browse through a variety of job opportunities tailored to your skills and preferences. Filter by location, experience, salary, and more to find your perfect fit.

Job Application AI Bot

Job Application AI Bot

Apply to 20+ Portals in one click

Download Now

Download the Mobile App

Instantly access job listings, apply easily, and track applications.

coding practice

Enhance Your Python Skills

Practice Python coding challenges to boost your skills

Start Practicing Python Now

RecommendedJobs for You

hyderabad, telangana, india

mumbai, maharashtra, india