DevSecOps Engineer

Roles & Responsibilities

• Secure Development Integration

  Implement secure coding practices within the CI/CD pipeline by integrating automated security tools to enforce compliance with security standards and reduce vulnerabilities.

• Vulnerability Assessment

  Conduct regular vulnerability assessments and penetration tests to identify security weaknesses, prioritize risks, and implement remediation plans in collaboration with development teams.

• Infrastructure Security Management

  Design and maintain secure cloud or on-premises infrastructure, ensuring configurations meet security guidelines and best practices to protect against unauthorized access and data breaches.

• Security Incident Response

  Develop and execute incident response strategies, including logging, monitoring, and analyzing security incidents to mitigate impacts and prevent future occurrences.

• Automation of Security Processes

  Leverage scripting and automation to enhance security processes, enabling rapid detection and response to security threats while reducing manual workload and increasing efficiency.

• Collaboration with Development Teams

  Work closely with software engineers to incorporate security best practices throughout the software development lifecycle, providing education and guidance on secure code development.

• Compliance and Policy Enforcement

  Ensure systems and processes comply with industry standards and regulations by enforcing security policies, conducting audits, and participating in compliance initiatives and documentation.

Typical Required Skills and Qualifications

• 3+ years of experience in DevOps, software development, or IT security

• Proficiency in scripting languages such as Python, Bash, or Ruby

• Hands-on experience with security automation tools and cloud security technologies

• Familiarity with CI/CD pipelines and container orchestration tools like Kubernetes

• Knowledge of compliance frameworks and security best practices