DevSecOps Engineer

Full time
Chennai, Cochin, Trivandrum
Posted 1 year ago

Experience: 3+ Years

  • Automate security tools to our CI pipeline (Jenkins)
  • Proactively address security vulnerabilities by crafting countermeasures as well as implementing new industry solutions.
  • Be part of product architecture and infrastructure design – Design and leverage the backend infrastructure and its security aspects.
  • Collaborate with the development engineers and provide mitigation recommendations
  • Work closely with the DevOps group.
  • Solve challenges around OS security, protocol hardening, network segmentation, etc.
  • Research new security controls for the OS and our Application domain, review and integrate them into the system.
  • Explore and implement new security automation tools
  • Experience using SAST and DAST tools for application security testing Services.
  • Experience with IAAC tools like Terraform.
  • Experience with configuration management tools like Chef / Ansible.
  • Support application security reviews: Threat modeling, Application code (in-house) & dependencies (libraries, packages, etc.), Authentication & authorization flows, Application configuration, Data privacy (encryption, anonymization).
  • Experience building and maintaining infrastructure, tools, and services to improve delivery and availability.
  • Experience with containerized environments and micro-services (i.e. Docker & K8S).
  • Experience with cloud architectures such as GCP or AWS (AWS big advantage).
  • Knowledge of build/release systems, CI/CD systems, Jenkins, GIT.
  • Great programming and Scripting skills (Python, Bash, etc.).
  • Excellent problem-solving skills, along with the ability to work independently.
  • Being able to cooperate closely with all business lines and functions of the company.

As an advantage:

  • Background in the security domains such as secure execution, container security, pen testing, security audits etc.
  • Good familiarity with Snyk, SonarCube, Aqua, Nessus, and Jenkins.
  • Contribution to open source projects (additional bonus to security projects)
  • Familiarity with cryptographic algorithms, authentication protocols, transport layer security, Linux OS hardening principles (e.g: SELinux), secure coding practices (SSDLC) etc.
  • Desire to face and solve the unknown.
  • Proactive approach and initiative.

Apply for this Job

A valid email address is required.
A valid phone number is required.