DevOps Infosec Engineer

Required Skills:

• Bachelor’s degree in computer science, systems analysis or a related study, or equivalent experience
• 8 years of experience spanning at least two IT disciplines, including technical architecture, network management, application development, middleware, database management or operations.
• Experience with Kubernetes is a must - with broad experience in prominent cloud native technologies.
• Experience in building and maintaining CI & CD for frontend, backend and mobile platforms.
• Proficiency in Unix Shell scripting, and some proficiency in Python preferred
• Strong understanding of network architecture and application development methodologies.
• An understanding of common traps and pitfalls that can occur in a globally distributed infrastructure.
• Experience working with Compliance programs like PCI-DSS or SOC2 is a plus.
• Experience in managing vulnerability assessment programs across various infrastructure tiers, including penetration testing, vulnerability scanning and remediation activities.
• Familiarity with CVE databases, vulnerability scoring systems (e.g., CVSS), and security industry standards such as ISO 27001 and NIST.
• Strong understanding of security concepts around PKI, TLS and encryption.
• Experience using network and security troubleshooting tools – both at host and at network tier.

Responsibilities:

• Integrating Security in DevOps: Automates security testing (SAST, DAST, SCA) in CI/CD pipelines.
• Infrastructure Security: Secures cloud environments, containers, and IaC configurations.
• Identity & Access Management: Manages role-based access controls (RBAC), MFA, and secure authentication.
• Compliance & Audits: Ensures compliance with industry standards (ISO, SOC 2, PCI-DSS) in DevOps processes.
• Threat Modeling & Risk Assessment: Identifies potential security risks and implements mitigation strategies.
• Incident Response: Leads security incident management, root cause analysis, and improves security measures.

Posted By