Senior DevSecOps Engineer

MindPlus (Pvt) Ltd


Job Location:

Colombo - Sri Lanka

Monthly Salary: Not Disclosed
Posted on: 4 hours ago
Vacancies: 1 Vacancy

Job Summary

About the Client

Our client is a leading technology consulting and digital transformation company specializing in delivering innovative data cloud and cybersecurity solutions to the financial services industry. With a strong focus on business optimization cloud technologies and secure software delivery the organization partners with enterprise clients to build scalable resilient and high-performing digital solutions. Operating across multiple international locations our client offers professionals the opportunity to work on cutting-edge technologies in a collaborative and growth-oriented environment.

About the Role

We are looking for a DevSecOps Engineer / Senior DevSecOps Engineer to integrate security into the software development and operations lifecycle. This role is responsible for securing cloud environments applications and CI/CD pipelines through automation best practices and modern security tools.

In addition to DevSecOps responsibilities experience in Security Operations (SOC) threat detection and incident response will be highly advantageous as the role works closely with security teams to strengthen the organizations overall security posture.

Key Responsibilities

  • Integrate security into CI/CD pipelines using SAST DAST SCA container and Infrastructure as Code (IaC) scanning tools.
  • Implement and manage security controls across Azure AWS and hybrid cloud environments.
  • Secure Infrastructure as Code (IaC) using Terraform ARM or similar technologies.
  • Collaborate with DevOps teams to implement secure coding testing and deployment practices.
  • Apply container and Kubernetes security best practices including RBAC network policies and image scanning.
  • Manage secrets and credentials securely using tools such as Azure Key Vault and AWS Secrets Manager.
  • Automate security processes monitoring and remediation using scripting and pipeline integrations.
  • Improve cloud security posture using Microsoft Defender Azure Security Center AWS Security Hub or similar platforms.
  • Apply Identity and Access Management (IAM) Role-Based Access Control (RBAC) and Zero Trust security principles.
  • Support vulnerability management and remediation activities.
  • Contribute to compliance initiatives including SOC 2 ISO 27001 and CIS Benchmarks.
  • Work closely with Security Operations (SOC) teams to align threat detection and incident response with DevSecOps practices.

Qualifications & Experience

  • DevSecOps Engineer: 24 years of experience in DevOps Security or DevSecOps.
  • Senior DevSecOps Engineer: 5 years of hands-on experience in DevSecOps and cloud security.
  • Experience with CI/CD platforms such as Azure DevOps GitHub Actions or Jenkins.
  • Strong knowledge of Azure and/or AWS cloud platforms.
  • Proficiency in PowerShell Python Bash or similar scripting languages.
  • Hands-on experience with Infrastructure as Code (Terraform preferred).
  • Solid understanding of application security principles including the OWASP Top 10.
  • Knowledge of IAM RBAC and network security fundamentals.

Nice to Have

  • Experience with security tools such as SonarQube Snyk Checkmarx Prisma Cloud or similar.
  • Experience with Docker Kubernetes and Kubernetes security best practices.
  • Familiarity with Policy-as-Code solutions such as Open Policy Agent (OPA) or Azure Policy.
  • Experience with Microsoft Defender Azure Sentinel and Microsoft Intune.
  • Knowledge of Kusto Query Language (KQL) for threat detection and analysis.
  • Experience with Logic Apps or similar automation platforms.
  • Previous experience in Security Operations (SOC) incident response or threat monitoring.

Interested candidates may send their CV to

About the Client Our client is a leading technology consulting and digital transformation company specializing in delivering innovative data cloud and cybersecurity solutions to the financial services industry. With a strong focus on business optimization cloud technologies and secure software deliv...