Talent.com
This job offer is not available in your country.
Senior Infrastructure Security & Compliance Engineer

Senior Infrastructure Security & Compliance Engineer

People Prime World WideBangalore
30+ days ago
Job description

Role : Senior Infrastructure Security & Compliance Engineer.

Experience : 8-12y.

Work Location : Bangalore.

Payroll on : People Prime World Wide.

Notice : 0-15days.

Job Description :

Senior Infrastructure Security & Compliance Engineer (Zero-Touch GPU Cloud GitOps-Driven Compliance & Resilience).

We are seeking a Senior Infrastructure Security & Compliance Engineer with 10+ years of experience in infrastructure and platform automation to drive the Zero-Touch Build, Upgrade, and Certification pipeline for our on-prem GPU cloud environment.

This role is focused on integrating security scanning, policy enforcement, compliance validation, and backup automation into a fully GitOps-managed GPU cloud stack, spanning hardware ? OS ? Kubernetes ? platform layers.

Key Responsibilities :

  • Design and implement GitOps-native workflows to automate security, compliance, and backup validation as part of the GPU cloud lifecycle.
  • Integrate Trivy into CI / CD pipelines for container and system image vulnerability scanning.
  • Automate kube-bench execution and remediation workflows to enforce Kubernetes security benchmarks (CIS / STIG).
  • Define and enforce policy-as-code using OPA / Gatekeeper to validate cluster and workload configurations.
  • Deploy and manage Velero to automate backup and disaster recovery operations for Kubernetes workloads.
  • Ensure that all compliance, scanning, and backup logic is declarative and auditable through Git-backed repositories.
  • Collaborate with infrastructure, platform, and security teams to define security baselines, enforce drift detection, and integrate automated guardrails.
  • Drive remediation automation and post-validation gates across build, upgrade, and certification pipelines.
  • Monitor evolving security threats and ensure tooling is regularly updated to detect vulnerabilities, misconfigurations, and compliance drift.

Required Skills & Experience :

  • 10+ years of hands-on experience in infrastructure, platform automation, and systems security.
  • Primary key skills required are Python / Go / Bash scripting, OPA Rego policy writing, CI integration for Trivy & kube-bench, GitOps.
  • Strong knowledge and practical experience with :
  • Trivy for container, filesystem, and configuration scanning.
  • kube-bench for Kubernetes CIS benchmark compliance.
  • Velero for Kubernetes-native backup and disaster recovery.
  • OPA / Gatekeeper for policy-as-code and admission control.
  • Deep understanding of GitOps workflows (e.g., Argo CD, Flux) and how to integrate security tools declaratively.
  • Proven experience automating security, compliance, and backup validation in CI / CD pipelines.
  • Solid foundation in Kubernetes internals, RBAC, pod security, and multi-tenant best practices.
  • Familiarity with vulnerability management lifecycles and security risk remediation strategies.
  • Experience with Linux systems administration, OS hardening, and secure bootstrapping.
  • Proficiency in scripting languages such as Python, Go, or Bash for automation and tooling integration.

    • Bonus :

  • Experience with SBOMs, image signing, or container supply chain security.
  • Exposure to regulated environments (e.g., PCI-DSS, HIPAA, FedRAMP).
  • Contributions to open-source security / compliance projects.

    • (ref : hirist.tech)

    Create a job alert for this search

    Senior Infrastructure Engineer • Bangalore