3 Devsecops Practices Jobs

As an API and Application Security Specialist at Cywarden, you will play a vital role in ensuring the security and integrity of our clients" systems and data. You will collaborate with developers, architects, and security teams to implement advanced security measures across API ecosystems and software applications. Your responsibilities will include developing and implementing security strategies, conducting security assessments, performing threat modeling and risk assessments, managing authentication and authorization mechanisms, enforcing secure coding practices, responding to security incidents, ensuring compliance with industry standards, and maintaining detailed documentation of security policies. You will also provide training to development teams, implement security monitoring solutions, manage security tools for analysis, and develop security policies and procedures. To qualify for this role, you should have a Bachelor's degree in Computer Science or a related field, along with a minimum of 3-5 years of experience in API and application security. You should be proficient in security frameworks and protocols, experienced with API gateways, familiar with RESTful and GraphQL APIs, and have a strong understanding of encryption and authentication mechanisms. Knowledge of security testing tools, secure coding practices, programming languages, DevSecOps practices, and relevant certifications are preferred. Additionally, you should possess excellent problem-solving skills, strong communication skills, and the ability to work collaboratively in a team environment. This is a full-time, permanent position at Cywarden, offering benefits such as paid sick time, paid time off, performance bonuses, and yearly bonuses. The work schedule includes Monday to Friday night shifts on a rotational basis. The work location is in Mohali, Punjab, and reliable commuting or planning to relocate is required. If you meet the qualifications and are passionate about API and application security, we encourage you to apply for this rewarding opportunity at Cywarden.,

Position Overview: We are seeking an experienced Security Compliance Engineer Key Responsibilities: PCI DSS Compliance: Ensure that all aspects of our API services meet PCI DSS requirements. Conduct regular assessments, gap analysis, and provide remediation strategies. Security Controls Implementation: Design, implement, and manage security controls across the API development lifecycle to protect sensitive data and ensure compliance with industry standards. Risk Management: Identify potential security risks within the API services and infrastructure. Develop and implement risk mitigation strategies. Secure Code Review: Collaborate with development teams to perform secure code reviews, ensuring that APIs follow secure coding practices and comply with PCI DSS. Vulnerability Management: Conduct regular vulnerability scans, penetration testing, and security assessments on the API services. Work with development teams to remediate identified vulnerabilities. Incident Response: Develop and maintain incident response plans for security breaches related to API services. Lead incident investigations and ensure proper documentation and reporting. Audit Preparation: Prepare and maintain documentation for PCI DSS audits and other security compliance audits. Work with auditors to demonstrate compliance and address any findings. Training and Awareness: Provide training and guidance to development and operations teams on security best practices and compliance requirements. Foster a culture of security within the organization. Collaboration: Work closely with cross-functional teams, including DevOps, IT, and legal, to ensure that security and compliance are integrated into all aspects of the software development lifecycle. Required Qualifications: Education: Bachelors degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CISA, CISM, PCI QSA) are highly desirable. Experience: 5+ years of experience in security engineering or security compliance roles. Proven experience with PCI DSS compliance and audit processes. Strong understanding of API security best practices, secure coding, and encryption techniques. Technical Skills: Hands-on experience with security tools such as vulnerability scanners, penetration testing tools, and SIEM systems. Proficiency in security standards and frameworks, including PCI DSS, ISO 27001, NIST, and GDPR. Familiarity with cloud security, particularly in AWS environments, and securing cloud-native applications. Soft Skills: Strong problem-solving skills and the ability to work under pressure. Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders. A proactive mindset with a focus on continuous improvement and staying up-to-date with the latest security trends and technologies. Preferred Qualifications: Experience with DevSecOps practices and integrating security into CI/CD pipelines. Knowledge of data privacy regulations and their implications on API services. Experience working in a fast-paced, agile development environment.,

Job Title: DevOps Engineer Experience: 7+ Years Location: Remote Notice Period: Immediate Worker Type: C2C / Full-Time (specify based on engagement) Mandatory Skills: DevOps, Azure DevOps, Terraform Key Responsibilities: Design, implement, and manage scalable CI/CD pipelines using Azure DevOps and GitHub Actions . Automate infrastructure provisioning using Terraform and configuration management tools like Ansible . Manage containerized applications in Kubernetes and Docker environments. Integrate and manage test automation frameworks (e.g., Selenium, JUnit) to uphold software quality. Embed vulnerability scanning tools such as SonarQube and OWASP ZAP into the pipeline for secure deployments. Monitor system health, performance, and proactively troubleshoot production issues. Collaborate with cross-functional teams to continuously improve DevOps processes and delivery pipelines. Participate in on-call support rotations and respond to incidents effectively. Stay current with DevOps trends , tools, and technologies to introduce process optimizations. Required Skills & Qualifications: Minimum 7 years of experience in DevOps or related roles. Strong scripting skills using Bash, PowerShell, or Python . Proficient in Azure Cloud Services and infrastructure-as-code (IaC) using Terraform . Expertise in containerization (Docker) and orchestration platforms (Kubernetes). Solid experience in Azure DevOps , GitHub Actions , and CI/CD best practices. Hands-on experience with tools like Ansible , Puppet , or Chef . Familiarity with automated testing tools and test integration in pipelines. Exposure to DevSecOps practices and tools for vulnerability scanning and compliance. Excellent problem-solving abilities and communication skills. Preferred Qualifications: Prior experience integrating test automation into CI/CD pipelines. Strong grasp of DevOps security best practices and cloud-native security principles. Azure certifications or equivalent cloud platform credentials are a plus. Interested candidates can apply at: B.Simran@ekloudservices.com Note: Immediate joiners preferred. Profiles with relevant DevOps + Azure + Terraform experience will be shortlisted on priority.