Senior DevSecOps Engineer

Role Overview

We are seeking a DevSecOps Engineer / Senior DevSecOps Engineer to drive the integration of security into modern cloud and software delivery pipelines. This role focuses on embedding security across the entire SDLCspanning development infrastructure and operationsthrough automation tooling and best practices.

In addition to core DevSecOps responsibilities exposure to Security Operations (SOC) threat detection and incident response is highly valuable as this role works closely with security teams to strengthen the overall security posture and response capability.

Key Responsibilities

DevSecOps & Secure Delivery

• Integrate security controls into CI/CD pipelines (SAST DAST SCA container scanning IaC scanning)
• Champion secure coding and secure deployment practices in collaboration with DevOps and engineering teams
• Automate security checks remediation and governance within pipelines

Cloud & Infrastructure Security

• Implement and manage security controls across Azure AWS and hybrid environments
• Secure Infrastructure as Code (Terraform ARM templates or similar tools)
• Enforce cloud security posture management using tools such as Microsoft Defender for Cloud Azure Security Center or AWS Security Hub

Application & Container Security

• Implement container and Kubernetes security best practices (RBAC network policies image scanning)
• Apply application security principles aligned with OWASP Top 10
• Manage secrets and sensitive credentials using tools such as Azure Key Vault and AWS Secrets Manager

Identity Governance & Compliance

• Implement IAM RBAC and Zero Trust principles across environments
• Support vulnerability management and remediation workflows
• Contribute to compliance frameworks such as SOC 2 ISO 27001 and CIS benchmarks

Security Collaboration & SOC Alignment

• Work closely with SOC teams to align threat detection monitoring and incident response with DevSecOps practices
• Support threat detection security monitoring and incident response activities where required
• Contribute to improving detection engineering and security automation

Required Skills & Experience

DevSecOps Engineer

• 24 years of experience in DevOps Security or DevSecOps roles

Senior DevSecOps Engineer

• 5 years of hands-on experience in DevSecOps cloud security or related fields

Core Requirements

• Strong experience with CI/CD tools (Azure DevOps GitHub Actions Jenkins etc.)
• Solid understanding of Azure and/or AWS cloud platforms
• Hands-on experience with Infrastructure as Code (Terraform preferred)
• Proficiency in scripting (Python PowerShell or Bash)
• Understanding of application security principles (OWASP Top 10)
• Knowledge of IAM RBAC and core network security concepts

Nice to Have (Strong Advantage)

• Experience with security tools such as SonarQube Snyk Checkmarx Prisma Cloud or similar
• Hands-on experience with Docker and Kubernetes security (policy enforcement runtime security etc.)
• Experience with Policy-as-Code tools (OPA Azure Policy)
• Exposure to Microsoft security ecosystem (Azure Sentinel Microsoft Defender suite Intune)
• Knowledge of KQL for threat hunting and detection
• Experience with automation tools such as Logic Apps or similar
• Background in SOC incident response or threat monitoring

Certifications (Optional but Valuable)

• AZ-500 (Azure Security Engineer Associate)
• AWS Certified Security Specialty
• CEH or equivalent security certifications

Work Arrangement

• 247 roster-based environment (rotational support model)