DevsecOps

Job Description

As a DevSecOps Engineer at Fynd, you will be responsible for embedding security into the DevOps lifecycle, automating security processes, and ensuring compliance across our cloud-based infrastructure. You will collaborate with cross-functional teams to implement security best practices and proactively mitigate security risks. What will you do at Fynd? Cloud Security & Infrastructure: Secure and manage cloud environments in GCP, AWS, and Azure. Implement best practices for cloud security, IAM, and compliance. Monitor and optimize cloud workloads for security and efficiency. Security Automation & DevOps Integration: Automate security processes using Ansible, Azure DevOps, and other tools. Integrate security checks into CI/CD pipelines to enable secure deployments. Conduct vulnerability assessments and harden infrastructure. Threat Detection & Incident Response: Deploy and manage IDS/IPS solutions to detect and prevent cyber threats. Monitor security logs and respond to incidents proactively. Work with SOC teams to enhance real-time threat detection. Compliance & Risk Management: Ensure adherence to industry security standards and compliance frameworks. Conduct gap assessments and implement remediation plans. Maintain security documentation and audit readiness. Collaboration & Continuous Improvement: Work closely with Engineering, DevOps, and Security teams to drive security initiatives. Stay updated with emerging security trends and threats. Advocate for a DevSecOps-first culture within the organisation. Some more requirements 5 to 7 years of experience in DevSecOps, Cloud Security, or Infrastructure Security. Strong expertise in GCP, AWS, and Azure security best practices. Proficiency in Linux administration and security hardening. Hands-on experience with Ansible, Azure DevOps, and CI/CD pipelines. Familiarity with security tools like IDS/IPS, SIEM, and vulnerability scanners. Knowledge of security frameworks (ISO 27001, NIST, CIS, etc.). Experience with JIRA for task management and tracking. Strong problem-solving skills and ability to work in a fast-paced environment. Preferred Qualifications (Nice to Have): Certifications like AWS Security Specialty, GCP Security Engineer, CISSP, CEH, or CKA. Experience with IaC security tools (Terraform, CloudFormation). Knowledge of container security (Docker, Kubernetes).