Senior Site Reliability Engineer I

Key Responsibilities

• Security & Observability Integration
• Implement and maintain OTEL Gateway integrations for forwarding security telemetry to SIEM platforms.
• Build and maintain observability, logging, and alerting for security events across cloud and on-prem environments.
• Collaborate on SIEM integration, anomaly detection, and AI-enhanced observability.
• Compliance Automation & Governance
• Automate compliance controls and policy enforcement in CI/CD pipelines using tools like Checkov, GitHub Actions, and Kyverno.
• Develop and maintain Policy/Compliance data pipelines, normalization, drift detection, and scorecard automation.
• Define and enforce security and compliance policies aligned with frameworks such as NIST, ISO 27001, and SOC2.
• Security Tooling & Infrastructure Hardening
• Design and implement automation for secrets management, DLP, and vulnerability scanning.
• Harden CI/CD pipelines and container infrastructure using CIS benchmarks, Chainguard, and image scanning tools.
• Support Zero Trust, MFA, and OIDC-based identity management across platforms.
• AI-Driven Security Operations
• Partner with AI/ML teams to integrate AI-based threat detection, compliance scoring, and intelligent automation into security workflows.
• Explore and implement AI-enhanced policy enforcement, anomaly detection, and predictive risk analysis.
• Collaboration & Incident Response
• Lead and standardize incident response, disaster recovery, and technical resilience initiatives.
• Collaborate with software engineers, platform teams, and governance stakeholders to embed security into the SDLC.
• Train teams on security best practices and compliance requirements.
  

Required Skills & Experience

• 6+ years in SRE, DevSecOps, or Security Engineering roles.
• Strong experience with cloud platforms (Azure, AWS), SIEM integration, and OTEL.
• Proficiency in Infrastructure as Code (Terraform, ArgoCD) and Policy-as-Code (Checkov, Kyverno).
• Hands-on experience with security tooling (Snyk, TruffleHog, Qualys, Vault).
• Scripting and automation skills in Python, Bash, or PowerShell.
• Familiarity with AI/ML concepts and their application in security operations.
• Train teams on security best practices and compliance requirements including Zero Trust, MFA and secret management.
• Experience with observability tools (Grafana, Prometheus, Loki)
• Experience with compliance frameworks (NIST, ISO, SOC2) and governance programs.
• Strong communication, documentation, and cross-team collaboration skills.