Principal Application Security Specialist

Trigent Software Private Limited

Job Location:

Hyderabad - India

Monthly Salary: Not Disclosed

Posted on: 14 hours ago

Vacancies: 1 Vacancy

Job Summary

MUST HAVE (Minimum Qualifications)

Experience in application security DevSecOps or cloud security.
Deep expertise with GitLab (administration CI/CD pipelines runners security features).
Strong experience securing CI/CD platforms and software supply chains.
Experience integrating tools such as:
SAST DAST SCA Container security management secrets management
Experience with NIST OWASP Secure SDLC

CAREERS THAT CHANGE LIVES

Embed and refine security controls in GitLab CI/CD pipelines.
Automate testing (SAST/DAST/SCA container scans secrets detection) in pipelines.
Set and enforce secure pipeline standards guardrails and policies.
Architect and secure GitLab (runners projects configs permissions).
Ensure secure use of GitLab runners including isolation ephemeral runners and hardened execution environments.
Build and maintain security automation integrated into pipelines.
Develop reusable pipeline templates and security modules.
Implement policy-as-code and automated compliance validation.
Analyze pipeline and application security findings and drive remediation with engineering teams.
Prioritize vulnerabilities based on risk exploitability and business impact.
Track and report security posture of applications and pipelines.
Serve as the primary security advisor to DevOps and platform engineering teams.
Work with cloud and infrastructure teams to secure containerized and Kubernetes-based deployments.
Investigate pipeline or code repository compromise scenarios.
Develop detection mechanisms for suspicious CI/CD activity.
Support response to software supply chain incidents.

NICE TO HAVE (Preferred Qualifications)

Strongly Preferred:
Proficiency with: IAAC Containers Kubernetes Cloud Platforms (AWS Azure GCP)
Experience with DevSecOps practices and tools in a cloud-native environment (AWS Azure GCP).
Experience working in Agile or DevOps environments.

Strong scripting or programming skills (Python Go Bash or similar).
CISSP CSSLP CKS (Kubernetes Security Specialist)

MUST HAVE (Minimum Qualifications) Experience in application security DevSecOps or cloud security. Deep expertise with GitLab (administration CI/CD pipelines runners security features). Strong experience securing CI/CD platforms and software supply chains. Experience integrating tools such as...

MUST HAVE (Minimum Qualifications)

Experience in application security DevSecOps or cloud security.
Deep expertise with GitLab (administration CI/CD pipelines runners security features).
Strong experience securing CI/CD platforms and software supply chains.
Experience integrating tools such as:
SAST DAST SCA Container security management secrets management
Experience with NIST OWASP Secure SDLC

CAREERS THAT CHANGE LIVES

Embed and refine security controls in GitLab CI/CD pipelines.
Automate testing (SAST/DAST/SCA container scans secrets detection) in pipelines.
Set and enforce secure pipeline standards guardrails and policies.
Architect and secure GitLab (runners projects configs permissions).
Ensure secure use of GitLab runners including isolation ephemeral runners and hardened execution environments.
Build and maintain security automation integrated into pipelines.
Develop reusable pipeline templates and security modules.
Implement policy-as-code and automated compliance validation.
Analyze pipeline and application security findings and drive remediation with engineering teams.
Prioritize vulnerabilities based on risk exploitability and business impact.
Track and report security posture of applications and pipelines.
Serve as the primary security advisor to DevOps and platform engineering teams.
Work with cloud and infrastructure teams to secure containerized and Kubernetes-based deployments.
Investigate pipeline or code repository compromise scenarios.
Develop detection mechanisms for suspicious CI/CD activity.
Support response to software supply chain incidents.

NICE TO HAVE (Preferred Qualifications)

Strongly Preferred:
Proficiency with: IAAC Containers Kubernetes Cloud Platforms (AWS Azure GCP)
Experience with DevSecOps practices and tools in a cloud-native environment (AWS Azure GCP).
Experience working in Agile or DevOps environments.

Strong scripting or programming skills (Python Go Bash or similar).
CISSP CSSLP CKS (Kubernetes Security Specialist)