DevSecOps Engineer

About the Role:

Were looking fora team player with excellent interpersonal skills& serviceoriented. Creative & out of the box thinker. An autodidact quickeffectiveandversatilewhosable to change directions in midstream. Independent & Accountable. As aDevSecOpsEngineer atPayoneeryoullplay a critical role in embedding security throughout the software development lifecycle (SDLC).Youllhelp design implement andmaintainsecurity controls and automations across our CI/CD pipelines infrastructure and application stack.

Whatyoullbe spending your time on:

• Integrate andmaintainsecurity tools across the CI/CD pipeline:
• SAST (e.g. SonarQube)
• SCA (Software Composition Analysis) / Dependency Scanning ( GitHubDependabot)
• Secret Detection ()
• Container/Image Scanning (e.g. Aqua Prisma CloudTrivy)
• Drive security automation and enforcement for:
  Infrastructure as Code (e.g. Terraform)
  Configuration Management (e.g. Ansible Chef)
  GitOpsworkflows ()
  Embed security guardrails and best practices across the SDLC
  Automate compliance checks (e.g. OWASP Top 10 CIS Benchmarks) intodevelopment workflows
  Integrate with observability and monitoring systems (e.g. Prometheus Grafana ELKCoralogix)
• Collaborate cross-functionally with Product QA Development and IT/Ops teams to continuously improve the security posture
• Participate in on-call rotations for production systems as needed

Have you done this kind of stuff

• BS degree incomputersciencecomputer engineeringrelevant technicaldisciplineor equivalent practical experience
• At least3years experience as DevOps/DevSecOps/SecurityEngineer
• Experience with CI/CD tools and source control management tools (e.g. Git Azure DevOpsSonarQube Artifactory etc...)
• Proven experience securing CI/CD pipelines
• Expertisein SCA SAST secret scanning and container security
• A minimum of 3 years of exposure running production workloads(AWSAzureor GCP)
• Hands-on experience with Kubernetes Docker andGitOpstooling (ArgoCDor Flux)
• Proven Scripting capabilities:( logging SIEM and monitoring platforms
• Experience with IAMsecretsmanagement and compliance frameworks (SOC2 ISO etc.)
• High level LinuxOSexpertise
• Strong troubleshooting skills
• Proactive by nature; internal drive for excellence and improvement

Nota mustbut a great advantage

• Experience with relational and non-relational databases (Oracle PostgreSQL SQL MongoDB)Experience with software development and development frameworks
• Experience with event streaming and messaging platforms such as Kafka RabbitMQ
• Knowledge and understanding Storage and Networking

#LI-PG1

Required Experience:

IC