Job Description :
Job Title : Senior DevSecOps Engineer
Experience : Minimum 5 yrs.+
Location : Mumbai
Reporting to : DevOps Team
Qualifications and Skills :
- Graduation (with relevant IT certification)
- Proven experience as an DevOps / Cloud Engineer with a proper hold on security concepts
- In-depth knowledge of Cloud (AWS) environment, security architectures, and related best practices.
- Hands-on experience with AWS Services like EC2, S3, RDS, Firewalls, intrusion detection / prevention systems i.e., IDS / IPS, VPN, and other security tools.
- Strong analytical and problem-solving skills
- Excellent communication and interpersonal abilities
Position Overview :
As a DevSecOps Engineer, you will play a crucial role in ensuring the integrity, confidentiality, and availability of our organization's cloud and on-prem infrastructure. This position involves designing, implementing, and maintaining robust solutions over cloud while proactively identifying and mitigating potential security threats. You will work closely with cross-functional teams to enhance our overall application performance, the organisation is fully-compliant and all the sensitive information / systems are well positioned for the growth.
Key Responsibilities :
Exposure in cloud security to design, implement, and maintain automated infrastructure deployments on cloud platforms (AWS)To set up secure cloud environments using services like EC2, VPC, S3, RDS etc in scalable architectural patterns.Can Implement and maintain cloud security best practices, including server hardening, vulnerability scanning, and patch managementPrior experience setting up CI / CD pipelines and have knowledge of a CSPM (Cloud Security Posture Mgmt) tools like AWS Security Hub / SentinelOne / PrismaCloud or similar toolHands-on experience in handling and understanding Windows & Linux platformsTo work on remediating observations identified in security audits and vulnerability assessments.Collaborate with teams to enforce security policies and ensure compliance with regulatory requirements of SEBI, NSE, BSE and CDSLShould have sound knowledge of change, incident & problem management and also proactively involve in optimising existing processes.GOOD TO HAVE
Assist in conducting Cyber Audit, System Audit, Patching of critical applications & timely completion of VAPT (Internal+ External)Monitor network performance and ensure optimal operation through regular assessments.Identify and resolve issues affecting network connectivity, latency, and bandwidth.Have knowledge of mock BCP / DR for critical applications.Hands-on experience in PAM solutions, Trading applications will be an added advantageConfigure and troubleshoot routers, switches, firewalls, and other network devices.Contribute to the definition of procedures & Processes necessary for the scope of work.Review necessary health check and monitoring reports and act appropriately.Work closely with IT teams and other departments to integrate security measures into all aspects of the network.