We have received a requirement for a DevSecOps Security Engineer position.
The candidate must have expertise in Splunk. Kindly refer to the attached JD for further details.
Please find the details below:
1. Location : Chennai
2. Work Mode : Work from Office
3. Indian Shift Timing : 2:00 PM - 11:00 PM IST
4. Joining Date : 16th October 2025
5. Preferred Experience Level : 6-10 Years
7. No. of Positions : 1
Budget: Up to 27-28 LPA
Job Title: DevSecOps Security Engineer - with Splunk Expertise
Overview
The DevSecOps Security Engineer will embed security into modern delivery for our customer environment while also providing Splunk engineering support to our internal team. Based in Chennai, India, this hands-on role partners with local Engineering/DevOps to secure CI/CD pipelines, Kubernetes workloads, and runtime environments in alignment with enterprise standards. Experience with API and Bot security is a plus.
Primary focus: Customer DevSecOps enablement (pipelines, IaC guardrails, Kubernetes hardening, runtime detection/response, observability)
Secondary focus: Internal Splunk SME work (use cases, onboarding, dashboards, compliance reporting)
Target allocation: 80% Customer DevSecOps / 20% Internal Splunk (subject to business needs)
Key Responsibilities
A) Customer DevSecOps Enablement
Pipeline Security: Integrate automated scans (SAST, SCA, IaC, container) into CI/CD (GitHub, Jenkins, Argo CD); enforce quality gates and break-glass workflows.
IaC Guardrails: Implement policy-as-code for Terraform/Helm/manifests; codify baselines, waivers, and approvals in version control.
Kubernetes Security: Apply CIS Benchmarks; enforce admission controls; implement least-privilege RBAC, network policies, image signing/attestations, and runtime defenses.
Secrets & Identity: Harden secrets management; align to Zero Trust and least-privilege access patterns.
Compliance Mapping: Align detections/controls to MITRE ATT&CK, CIS, NIST, and PCI where applicable; produce audit-ready artifacts (e.g., SBOMs and attestations).
API & Bot Security (Strongly Preferred): Implement API discovery/cataloging and API threat modeling; enforce WAAP/edge/CDN policies and rate limiting; deploy bot detection/mitigation and fraud signals.
B) Observability & Runtime Protection
Runtime Monitoring: Deploy vulnerability, misconfiguration, drift, and anomaly detection across clusters and services.
Telemetry & Dashboards: Build real-time observability with Grafana, OpenTelemetry, and OpenSearch.
On-Call & Escalations: Configure PagerDuty and ticketing (Jira/ServiceNow); reduce MTTR with clear ownership and runbooks.
IR Enablement: Partner with SOC/IR for evidence collection, triage, post-incident reviews, and improvement actions.
C) Splunk (Internal Team Support)
Log Onboarding & Tuning: Integrate new data sources, perform field extractions, apply lifecycle policies; maintain index health. (Nice to have: ingest API gateway/WAAP/bot telemetry.)
Detection Engineering: Author/tune SPL searches and correlation rules; map detections to MITRE/CIS; reduce false positives.
Dashboards & Reporting: Deliver detection/operations dashboards and automated compliance/audit reports.
Platform Care: Support upgrades, performance tuning, license utilization, and app maintenance.
D) Delivery, Documentation & Stakeholders
Execution: Own Jira epics/stories; deliver against roadmap with measurable outcomes.
Docs & Runbooks: Maintain Confluence runbooks, playbooks, standards, and architecture diagrams.
Communication: Provide weekly status, risk/issue tracking, and stakeholder updates (customer, internal).
Qualifications
Bachelor's in Computer Science, Cybersecurity, or related field; advanced degree a plus.
Hands-on DevSecOps experience across CI/CD, Kubernetes, and cloud-native platforms.
Strong IaC security and policy-as-code (Terraform/Helm/Git-based guardrails).
Kubernetes security (CIS, admission controls, image signing/attestations, RBAC, Pod Security admission, network policies).
Observability: Grafana, OpenTelemetry, OpenSearch; on-call tooling (PagerDuty).
Splunk (Required): data onboarding, SPL, dashboards, correlation rules, compliance reporting, and performance tuning.
Scripting/automation (REST, CLI, Ansible, Terraform); familiarity with SOAR, Jira/ServiceNow.
Experience with CNAPP/CSPM platforms (Prisma Cloud and/or Wiz).
API & Bot Security (Strongly Preferred): API discovery/cataloging; API threat modeling; WAAP/edge/CDN policies; rate limiting; bot detection/mitigation & fraud signals. Akamai/Cequence experience is a plus.
Strong troubleshooting, stakeholder communication, and cross-team collaboration skills.
Full-time