DevSecOps Engineer

Boston, NH - USA

Monthly Salary: Not Disclosed

Posted on: 8 hours ago

Vacancies: 1 Vacancy

Job Summary

Roles & Responsibilities

1. Secure SDLC & Application Security Embed security controls at every stage of the SDLC.

Conduct threat modeling secure code reviews and risk assessments.

Implement SAST DAST SCA tools and interpret results for development teams.

Enforce secure coding standards and promote security-first development culture.

2. CI/CD Pipeline Security

Build and maintain secure CI/CD pipelines (GitHub Actions GitLab CI Jenkins Azure DevOps).

Automate security scanning and policy enforcement in build and deployment workflows.

Integrate secrets management and environment hardening into pipelines.

3. Cloud & Infrastructure Security

Implement Infrastructure as Code (IaC) security reviews using Terraform CloudFormation ARM or Pulumi.

Validate and enforce cloud security best practices (AWS Azure GCP).

Deploy and maintain cloud-native security tools such as AWS GuardDuty Azure Defender GCP SCC.

4. Container & Kubernetes Security

Build secure container images and manage scanning (Trivy Aqua Clair Prisma Cloud).

Enforce Kubernetes hardening controls (RBAC network policies pod security).

Monitor cluster security posture and remediate vulnerabilities.

5. Security Automation & Tooling

Develop automated playbooks/scripts using Python Bash or PowerShell.

Integrate SIEM/SOAR platforms with build/deployment workflows.

Automate vulnerability management workflows and remediation processes.

6. Compliance & Governance

Support adherence to NIST ISO 27001 SOC 2 PCI-DSS and internal security policies.

Implement guardrails and policy-as-code using OPA Conftest or AWS/Azure policy engines.

Produce audit-ready documentation and reporting.

7. Monitoring & Incident Response

Integrate security telemetry into pipelines and cloud environments.

Respond to and triage security incidents related to CI/CD code or cloud workloads.

Conduct root-cause analysis and implement preventative measures.

Experience Required 10 yrs

Required Skills & Qualifications

3 7 years experience in Cybersecurity DevSecOps or Cloud Security roles.

Strong programming/scripting abilities (Python Go Bash or PowerShell).

Hands-on experience with CI/CD tools and automation.

Solid understanding of security vulnerabilities such as OWASP Top 10 CWE CVE.

Experience with containers and Kubernetes security. Familiarity with microservices APIs and distributed systems.

Knowledge of cloud networking identity secrets management and encryption.

Salary Range: $95000 - $130000 a year

TCS Employee Benefits Summary:

Discretionary Annual Incentive.
Comprehensive Medical Coverage: Medical & Health Dental & Vision Disability Planning & Insurance Pet Insurance Plans.
Family Support: Maternal & Parental Leaves.
Insurance Options: Auto & Home Insurance Identity Theft Protection.
Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement.
Time Off: Vacation Time Off Sick Leave & Holidays.
Legal & Financial Assistance: Legal Assistance 401K Plan Performance Bonus College Fund Student Loan Refinancing.

Roles & Responsibilities 1. Secure SDLC & Application Security Embed security controls at every stage of the SDLC. Conduct threat modeling secure code reviews and risk assessments. Implement SAST DAST SCA tools and interpret results for development teams. Enforce secure coding...