Role & responsibilities Job Title: DevSecOps Engineer Location: Mumbai / Vizag Experience Required: 3-5 Years Budget : 10 to 12 LPA (All Inclusive) Immediate Joiner Job Overview: The DevSecOps Engineer will be pivotal in embedding security into the DevOps pipeline, working closely with development, operations, and security teams. This role involves fostering a culture of security awareness and implementing DevSecOps best practices to ensure secure, efficient, and scalable deployments. By setting up and managing a suite of on-premises DevSecOps tools, the engineer will play a key role in enhancing the organizations security posture and supporting the overall goals of reliability, speed, and resilience in software delivery. Key Responsibilities: Collaboration and Advocacy: Partner with development, operations, and security teams to promote security awareness and DevSecOps principles. CI/CD Pipeline Development: Build and maintain secure CI/CD pipelines using Jenkins, GitLab, and SonarQube, automating all stages of the software development lifecycle. Infrastructure as Code (IaC): Implement and manage configuration with Ansible and cloud infrastructure provisioning with Terraform to create scalable, repeatable environments. Container Orchestration: Utilize Kubernetes to manage and scale applications in production, ensuring efficient deployment of containerized workloads. Vulnerability Management: Configure and manage security scanning tools like Clair, Trivy, OWASP Dependency Check, and OWASP ZAP to detect and address vulnerabilities early in the development lifecycle. Secrets Management: Secure sensitive data using tools such as GitSecrets and TruffleHog to avoid accidental exposure of credentials within code repositories. Security Monitoring and Compliance: Integrate SonarQube for continuous code quality checks and ensure security compliance with industry standards. Security Workflow Automation: Develop scripts and automation processes to integrate security tools within DevOps workflows, improving the security stance without affecting deployment speed. Microservices Management: Oversee multiple repositories hosting Python-based microservices, deploying them on Kubernetes while ensuring high standards of performance and maintainability. Database and Artifact Management: Implement and secure Apache Kafka clusters, manage Redis databases, and integrate Sonatype Nexus for artifact repository management. Security Testing: Conduct security assessments and vulnerability testing using Burp Suite, helping to identify and mitigate security risks in applications. Qualifications Education & Experience: Bachelors degree in Engineering, Computer Science, or a related field. Minimum of 3+ years of experience in DevOps with strong focus on Kubernetes and Docker. Hands-on experience with DevOps tools, Helm, Kubernetes, and container orchestration. Skills & Competencies Technical Skills (Mandatory): Kubernetes,Helm,Ansible,Zot,Git Hub,SonarQube,OWASAP,Clair,Trivy Strong understanding of Linux atleast 3+ yrs Secure CI/CD pipeline development with Jenkins, GitLab, and SonarQube 2+ Yrs Proficiency in Ansible (IaC) 2+ yrs Kubernetes for container orchestration3+ Familiarity with vulnerability scanning tools (Clair, Trivy, OWASP Dependency Check).2+ Yrs Secrets management tools like GitSecrets and TruffleHog 2+ Yrs Continuous code quality and compliance monitoring using SonarQube 2+ yrs Automation skills for integrating security tools into DevOps workflows 3+ yrs Experience with Apache Kafka and Redis for secure configuration and performance optimization 1+ yrs Artifact repository management using Sonatype Nexus 2+ yrs Added Advantage Preferred candidate profile Experience with On-Premise Infrastructure Proficiency in Docker and Kubernetes Familiarity with Jenkins for CI/CD Knowledge of Security Tools and Practices Experience with Nginx and Tomcat for web server and application server management Thanks, Abha Mishra 9766885934
FIND ON MAP