At our core, we believe that security isn't a final check; it's the foundation of every line of code we ship. We are looking for a high-impact Security/DevSecOps Engineer who views security as an enabler of speed, not a bottleneck. You won't just be running scanners; you will be the architect of our "Secure-by-Design" philosophy. From hardening cloud perimeters to securing high-traffic mobile applications, you will bridge the gap between rapid development and ironclad protection. We need a "builder" who can automate away the mundane and lead the charge against evolving threats.
The core responsibilities for the job include the following:
DevSecOps and Automation (40%):
- Pipeline Integration: Seamlessly bake security into the CI/CD lifecycle using Jenkins, GitLab, or GitHub Actions, ensuring zero-touch vulnerability checks.
- Security as Code: Design and implement automation scripts for continuous security testing (SAST/DAST) and real-time monitoring.
- Orchestration Hardening: Secure our containerized workloads across Docker and Kubernetes, ensuring runtime security and image integrity.
Cloud and Infrastructure Defense (30%):
- Cloud Governance: Develop and enforce robust security controls across AWS, Azure, or GCP to prevent misconfigurations and data leaks.
- Threat Modeling: Collaborate with engineering teams early in the SDLC to identify architectural flaws before they become vulnerabilities.
- Access Management: Implement and oversee sophisticated authentication, authorization (IAM), and cryptographic protocols.
Mobile and Incident Leadership (30%):
- Mobile App Security: Leverage your past experience to audit and harden our mobile ecosystem against platform-specific threats.
- Incident Response: Lead the "Front Line" during security events, conducting deep-dive root cause analysis and post-mortem remediations.
- Compliance and Trends: Ensure we stay ahead of industry standards and regulations while keeping the team updated on the latest zero-day exploits and defense tactics.
Requirements
- Experience Depth: 3-4 years of dedicated experience in Application Security and DevSecOps roles.
- Cloud Proficiency: Hands-on mastery of at least one major cloud provider (AWS/Azure/GCP) and container orchestration (K8s/Docker).
- Tooling Fluency: Expert-level knowledge of automated security scanners and CI/CD platforms.
- Mobile Expertise: Proven track record of securing mobile applications and understanding mobile-specific security frameworks.
- Code Capability: Ability to script in Python or Go to automate security workflows (a significant plus).
This job was posted by Himanshi Tomer from TestMu AI.