DevSecOps Engineer

Pune - India

Monthly Salary: Not Disclosed

Posted on: 13 hours ago

Vacancies: 1 Vacancy

Job Summary

Job Title: DevSecOps Engineer

Department: Technology

Location: Poloroche Business Avenue Viman Nagar Pune

Experience: 1-2 years

Reporting To: Senior Principal SRE and Head of Engineering

Role Overview

The DevSecOps Engineer - will be responsible for the secure design automation and compliance of cloud-native infrastructure across AWS and Kubernetes environments. This role focuses on embedding security controls within AWS workloads and CI/CD pipelines to ensure continuous compliance with organizational and regulatory standards.

Key Responsibilities

Deploy secure and manage Kubernetes environments in alignment with CIS and NIST controls.

Implement AWS security best practices for IAM networking storage encryption and logging.

Integrate security validation stages into CI/CD pipelines ensuring vulnerability scanning and compliance checks are automated.

Utilize AWS Config AWS Organizations Security Hub GuardDuty and CloudTrail to maintain continuous visibility and governance over workloads.

Author and enforce security policies RBAC configurations and least-privilege access models.

Automate governance tasks such as tagging enforcement configuration remediation and compliance reporting using Lambda or Step Functions.

Support compliance audits by providing configuration evidence and remediation reports.

Collaborate with cross-functional teams to ensure adherence to ISO 27001 and SOC2 security - compliance standards throughout the development lifecycle.

Conduct internal security training sessions for development and engineering teams across the organization.

Required Qualifications and Skills

Bachelors or Masters degree in Computer Science Information Security or a related field.

12 years of experience in DevSecOps Cloud Security or Infrastructure Automation.

Proficiency in at least one CI/CD tool such as CircleCI Argo Project GitHub Actions or similar is essential.

Exposure of Kubernetes operations security configurations and policy enforcement.

Hands-on experience with AWS services including IAM EC2 S3 VPC Lambda Organizations Secrets Manager Security Hub CloudTrail CloudWatch EventBridge Security Hub Route 53 CloudFront and ECR.

Experience integrating automated security tools like SonarQube OWASP ZAP Synk into CI/CD pipelines for proactive vulnerability management.

Understanding of the OWASP Top 10 vulnerabilities and secure coding practices.

Working knowledge of security and compliance frameworks including ISO 27001 and SOC2 and the ability to implement controls supporting these standards across cloud environments.

Good to Have

Understanding of OIDC SSO and identity federation between Kubernetes and AWS.

Exposure to Kubernetes Admission Controllers OPA/Gatekeeper or Kyverno for policy enforcement.

Experience with centralized secrets management tools such as AWS Secrets Manager.

Contribution to open-source DevSecOps tools community projects or speaking engagements at security conferences.

Relevant AWS or Kubernetes certifications

Job Title: DevSecOps Engineer Department: Technology Location: Poloroche Business Avenue Viman Nagar Pune Experience: 1-2 years Reporting To: Senior Principal SRE and Head of EngineeringRole OverviewThe DevSecOps Engineer - will be responsible for the secure design automation and compliance of cloud...