Role Summary
Embed security across CI/CD pipelines, cloud infrastructure, and deployment workflows. Automate security controls, harden infrastructure, and collaborate with engineering and DevOps to ensure systems are secure, scalable, and resilient.
Key Responsibilities
Integrate SAST, SCA, DAST, and container security into CI/CD pipelines
Automate security scans for code, dependencies, containers, and IaC
Implement secure IAM, VPC, firewall, and network configurations
Monitor vulnerabilities, track remediation, and ensure SLA compliance
Work with developers to fix security findings and improve coding practices
Manage secure infrastructure using Terraform, Docker, Kubernetes, Helm
Configure secrets management, access policies, and zero-trust controls
Support incident response and analyze cloud/platform security events
Document security practices, policies, and deployment guardrails
Skills & Experience
3-7 years in DevSecOps / Application Security / Cloud Security
Strong knowledge of secure SDLC, CI/CD, pipelines, and automation
Experience with Prisma Cloud, Snyk, Checkmarx, SonarQube, Fortify, or similar
Familiar with AWS/GCP and Kubernetes security
Good understanding of IAM, network security, encryption, firewalls, and WAF
Scripting ability in Python, Shell, or YAML
Basic experience with Terraform or other IaC tools
Mindset
Security-first, automation-focused, collaborative, and detail-oriented.
Engineer • Gurgaon, India