Senior Staff Engineer (AI Developer DevSecOps Tools)

Requirements

• Experience : 7.5 years
• Strong software engineering experience with good hands-on experience developing AI/ML or security automation solutions.
• Strong programming expertise in Python with hands-on experience using libraries such as Scikit-learn PyTorch Pandas and NumPy.
• Experience developing AI-powered applications involving machine learning large language models (LLMs) automation or intelligent workflows.
• Strong understanding of DevSecOps practices and hands-on experience with security tools including SAST SCA secrets detection IaC scanning (Checkov Terrascan) and container image scanning (Trivy).
• Experience integrating security automation into CI/CD platforms such as Azure DevOps GitHub Actions Jenkins or GitLab CI.
• Hands-on experience with Docker Kubernetes (AKS/EKS preferred) and container security best practices.
• Working knowledge of policy-as-code frameworks such as OPA/Rego and Kubernetes security enforcement.
• Experience with LLM APIs including Azure OpenAI or OpenAI along with prompt engineering Retrieval-Augmented Generation (RAG) and AI-assisted code analysis.
• Experience building REST APIs and microservices using FastAPI or Flask.
• Familiarity with cloud platforms such as Microsoft Azure AWS or Google Cloud Platform and cloud-native security concepts.
• Knowledge of Infrastructure-as-Code technologies including Terraform ARM templates and Helm.
• Experience with secrets management solutions such as HashiCorp Vault or Azure Key Vault.
• Understanding of MLOps practices model deployment monitoring drift detection and CI/CD for machine learning solutions.
• Experience working with event-driven architectures and messaging platforms such as Azure Event Hub AWS EventBridge or Google Cloud Pub/Sub.
• Familiarity with cloud security platforms such as Prisma Cloud Wiz Aqua Security or Snyk is an advantage.
• Exposure to LangChain Semantic Kernel AutoGen or similar AI orchestration frameworks is desirable.
• Knowledge of GitOps tools such as ArgoCD or Flux and policy frameworks including HashiCorp Sentinel or Cedar is preferred.
• Experience integrating security tools with platforms such as Jira ServiceNow or Azure Sentinel SOAR is an added advantage.
• Strong analytical troubleshooting and problem-solving skills with the ability to develop scalable and secure enterprise solutions.
• Excellent communication and collaboration skills with experience working in Agile and cross-functional development environments.
• Bachelors degree in Computer Science Information Technology Engineering MCA or a related field.
• Security certifications such as CompTIA Security CEH CKS SC-200 or cloud security certifications (AZ-900 AWS Security Specialty GCP Professional Cloud Security Engineer) are desirable.

Responsibilities

• Design develop and maintain AI-powered automation solutions that integrate security into CI/CD pipelines and the software development lifecycle.
• Build intelligent security automation for CI/CD platforms such as Azure DevOps GitHub Actions Jenkins and GitLab CI implementing policy-as-code security gates and pre-merge vulnerability checks.
• Develop machine learning models to detect pipeline anomalies including suspicious code commits dependency changes and build integrity violations.
• Build and enhance LLM-powered remediation assistants for Infrastructure-as-Code (IaC) using Terraform ARM templates Helm charts Checkov and Terrascan.
• Develop Retrieval-Augmented Generation (RAG) pipelines leveraging internal security policies compliance standards and hardening guidelines to provide contextual remediation recommendations.
• Design and implement agentic AI workflows that orchestrate multiple security tools consolidate scan results prioritize findings and automate ticket creation.
• Develop NLP-based solutions to parse classify summarize and analyze security scan outputs across diverse tools and report formats.
• Build scalable RESTful APIs and microservices using FastAPI or Flask to expose AI-powered DevSecOps capabilities.
• Develop integrations between security platforms enterprise SIEM/SOAR solutions ticketing systems and developer platforms.
• Automate container and Kubernetes security workflows including image scanning runtime security monitoring and policy enforcement using OPA/Gatekeeper.
• Build event-driven automation pipelines leveraging cloud-native messaging services for real-time security event processing.
• Develop dashboards and reporting solutions to monitor security posture remediation metrics SLA compliance and pipeline health.
• Write unit tests integration tests and participate in peer code reviews to ensure code quality and reliability.
• Monitor deployed AI models and automation services implement model performance monitoring drift detection and automated retraining processes.
• Maintain CI/CD pipelines for AI model deployment using MLOps platforms such as Azure ML MLflow or equivalent technologies.
• Prepare technical documentation including API specifications architecture diagrams integration patterns operational runbooks and data models.
• Collaborate with engineering DevSecOps cloud and security teams to continuously improve automation reliability security coverage and developer experience.

Qualifications :

Bachelors or masters degree in computer science Information Technology or a related field.

Remote Work :

No

Employment Type :

Full-time