Role Overview

We are seeking a DevSecOps Engineer / Senior DevSecOps Engineer to drive the integration of security into modern cloud and software delivery pipelines. This role focuses on embedding security across the entire SDLC—spanning development, infrastructure, and operations—through automation, tooling, and best practices.

In addition to core DevSecOps responsibilities, exposure to Security Operations (SOC), threat detection, and incident response is highly valuable, as this role works closely with security teams to strengthen the overall security posture and response capability.

Key Responsibilities

DevSecOps & Secure Delivery

• 
  Integrate security controls into CI/CD pipelines (SAST, DAST, SCA, container scanning, IaC scanning)
• 
  Champion secure coding and secure deployment practices in collaboration with DevOps and engineering teams
• 
  Automate security checks, remediation, and governance within pipelines

Cloud & Infrastructure Security

• 
  Implement and manage security controls across Azure, AWS, and hybrid environments
• 
  Secure Infrastructure as Code (Terraform, ARM templates, or similar tools)
• 
  Enforce cloud security posture management using tools such as Microsoft Defender for Cloud, Azure Security Center, or AWS Security Hub

Application & Container Security

• 
  Implement container and Kubernetes security best practices (RBAC, network policies, image scanning)
• 
  Apply application security principles aligned with OWASP Top 10
• 
  Manage secrets and sensitive credentials using tools such as Azure Key Vault and AWS Secrets Manager

Identity, Governance & Compliance

• 
  Implement IAM, RBAC, and Zero Trust principles across environments
• 
  Support vulnerability management and remediation workflows
• 
  Contribute to compliance frameworks such as SOC 2, ISO 27001, and CIS benchmarks

Security Collaboration & SOC Alignment

• 
  Work closely with SOC teams to align threat detection, monitoring, and incident response with DevSecOps practices
• 
  Support threat detection, security monitoring, and incident response activities where required
• 
  Contribute to improving detection engineering and security automation

Required Skills & Experience

DevSecOps Engineer

• 
  2–4 years of experience in DevOps, Security, or DevSecOps roles

Senior DevSecOps Engineer

• 
  5+ years of hands-on experience in DevSecOps, cloud security, or related fields

Core Requirements

• 
  Strong experience with CI/CD tools (Azure DevOps, GitHub Actions, Jenkins, etc.)
• 
  Solid understanding of Azure and/or AWS cloud platforms
• 
  Hands-on experience with Infrastructure as Code (Terraform preferred)
• 
  Proficiency in scripting (Python, PowerShell, or Bash)
• 
  Understanding of application security principles (OWASP Top 10)
• 
  Knowledge of IAM, RBAC, and core network security concepts

Nice to Have (Strong Advantage)

• 
  Experience with security tools such as SonarQube, Snyk, Checkmarx, Prisma Cloud, or similar
• 
  Hands-on experience with Docker and Kubernetes security (policy enforcement, runtime security, etc.)
• 
  Experience with Policy-as-Code tools (OPA, Azure Policy)
• 
  Exposure to Microsoft security ecosystem (Azure Sentinel, Microsoft Defender suite, Intune)
• 
  Knowledge of KQL for threat hunting and detection
• 
  Experience with automation tools such as Logic Apps or similar
• 
  Background in SOC, incident response, or threat monitoring

Certifications (Optional but Valuable)

• 
  AZ-500 (Azure Security Engineer Associate)
• 
  AWS Certified Security – Specialty
• 
  CEH or equivalent security certifications

Work Arrangement

• 
  24×7 roster-based environment (rotational support model)