DEVSECOPS ENGINEER

ROLESUMMARY

The DevSecOps Engineer is responsible for integrating security into DevOps processes, ensuring secure, automated, and scalable application delivery across cloud and on-premises environments. The role focuses on CI/CD, infrastructure automation, and embedding security controls within the software development lifecycle in mission-critical and regulated environments.

KEYRESPONSIBILITIES

· Design, implement, and manage CI/CD pipelines for automated build, test, and deployment.

· Integrate security controls into DevOps workflows (SAST, DAST, dependency scanning).

· Automate infrastructure provisioning and configuration using Infrastructure-as-Code (IaC).

· Manage containerized and cloud-native environments (build, deploy, monitor).

· Monitor system performance, availability, and pipeline health.

· Implement and manage secrets, access controls, and secure configurations.

· Perform vulnerability assessments, patching, and remediation in pipelines and environments.

· Troubleshoot build, deployment, and infrastructure issues across environments.

· Collaborate with development, security, and operations teams for continuous improvement.

· Ensure high availability(HA), scalability, and disaster recovery (DR) readiness.

· Maintain documentation for pipelines, automation scripts, and system configurations.

· Ensure adherence to SLAs, DevOps standards, and governance processes.

TECHNICALSKILLS & TOOLS

· CI/CD: Jenkins, GitLabCI/CD, Azure DevOps, Git

· Cloud: AWS, Azure, GoogleCloud

· Containers: Docker, Kubernetes

· IaC & Automation:Terraform, Ansible, Helm

· Languages: Python, Bash, PowerShell

· Monitoring: Prometheus, Grafana, ELK Stack

· Security Tools: SAST/DASTtools, SonarQube, Fortify, Nexus IQ, Vault

SECURITY& COMPLIANCE

· Implement DevSecOp spractices aligned with ISO 27001, NIST, and CIS benchmarks.

· Enforce secure coding, vulnerability management, and pipeline security.

· Manage secrets, encryption, and access controls in CI/CD environments.

· Support audits, compliance checks, and security governance.

QUALIFICATIONS& EXPERIENCE

· Degree/Diploma in Computer Science, IT, or related field.

· 4–8 years of experience inDevOps/DevSecOps roles.

· Experience with cloud-native and automated environments preferred.

· Strong troubleshooting, automation, and collaboration skills.

PREFERRED(GOOD TO HAVE)

· Certifications inAWS/Azure/GCP, Kubernetes, or DevOps.

· Experience with Zero Trust and cloud security architectures.

· Exposure to microservices and modern application architectures.

· Experience in regulated or government environments.