Job
Description
Role Description We are looking for a highly experienced Senior SecDevOps Analyst to lead and integrate security into every phase of our software development and deployment processes. This is a strategic and hands-on role focused on securing complex, hybrid, and large-scale customer-facing platforms. You will drive security initiatives across CI/CD pipelines, cloud infrastructure, container platforms, and enterprise applications while ensuring compliance, risk management, and effective incident response. Key Responsibilities Security Architecture & Engineering Design and implement secure infrastructure solutions in hybrid cloud and on-prem environments. Define and enforce security best practices for Infrastructure-as-Code (IaC), containerization, and microservices. Collaborate with architecture and engineering teams to ensure secure application design and delivery. DevSecOps Enablement Integrate security tools into CI/CD pipelines (e.g., SAST, DAST, SCA). Automate security and compliance checks using tools like Snyk, Checkov, Prisma Cloud, etc. Promote a DevSecOps culture through enablement, training, and technical documentation. Cloud & Container Security Secure cloud-native infrastructures (AWS, Azure, GCP) focusing on IAM, network segmentation, and data encryption. Deploy and monitor controls for containerized environments (Kubernetes, Docker) and serverless architectures. Monitoring, Detection & Incident Response Develop and maintain security monitoring and response procedures. Work with SOC and IT teams to investigate and resolve security incidents. Conduct root cause analyses and lead post-incident reviews to enhance overall security posture. Compliance & Governance Support audits and compliance programs such as PCI-DSS, ISO 27001, GDPR, and internal policies. Maintain and update documentation related to security controls, policies, and risk mitigation. Participate in third-party risk assessments and vendor security reviews. Collaboration & Leadership Serve as a trusted security advisor to DevOps, product, and IT teams. Mentor junior team members and build security awareness across the organization. Stay abreast of emerging security trends, threats, and technologies. Required Qualifications 8+ years of experience in Security Engineering, DevOps, or SecDevOps roles. Expertise in cloud security (preferably AWS), network security, and system hardening. Proficient in scripting (Python, Bash, PowerShell) and automation. Experience with CI/CD tools such as GitHub Actions, GitLab CI, Jenkins. Strong knowledge of IaC tools (Terraform, CloudFormation). Solid understanding of container security and orchestration (Docker, Kubernetes). Experience with security tools such as SIEM, EDR, vulnerability scanners. Familiarity with security standards and frameworks (NIST, CIS, ISO 27001, PCI-DSS, GDPR). Preferred Qualifications Certifications such as CISSP, CKS, OSCP, AWS Security Specialty. Experience in retail, e-commerce, or other large-scale customer environments. Knowledge of secure payments, fraud prevention, and customer data privacy. Understanding of Zero Trust Architecture and identity-centric security practices. Skills Information Security,Security Monitoring,Infrastructure Security Show more Show less
