Job Description
<p><b>Job Summary:</b></p>
<p>We are seeking a highly experienced and technically skilled <b>DevSecOps Engineer</b> to implement secure development and deployment practices across our organization. This role combines hands-on engineering with strategic leadership, ensuring that security is seamlessly integrated into our DevOps culture, toolchains, and cloud infrastructure.<br/>The ideal candidate will bring a strong background in software security, automation, and modern DevOps practices, and will be able to influence architecture, culture, and process across development and operations teams.</p>
<p><b>Key Responsibilities: & Strategy:</b></p>
<p>- Define and drive the organization's DevSecOps vision and roadmap.</p>
<p>- Act as the technical authority and advisor for all security-related aspects of the CI/CD pipeline.</p>
<p>- Collaborate with Engineering, Security, and Operations teams to embed security into all stages of the SDLC.</p>
<p>- Champion a security-as-code mindset and lead secure software delivery practices.</p>
<p>- Mentor DevSecOps engineers, security champions, and cross-functional</p>
<p><b>Implementation:</b></p>
<p>- Design and implement automated security controls and pipelines (SAST, DAST, SCA, IaC scanning, secrets detection).</p>
<p>- Develop and enforce security guardrails, policies, and compliance requirements in CI/CD workflows.</p>
<p>- Automate vulnerability scanning and management, and integrate remediation into development cycles.</p>
<p>- Threat modeling, secure design reviews, and architecture assessments for new</p>
<p><b>& Infrastructure Security:</b></p>
<p>- Drive secure cloud adoption strategies and implement security baselines for cloud infrastructure (Azure, Adobe, AWS), containers, and serverless functions.</p>
<p>- Ensure compliance with industry standards (NIST, OWASP, ISO 27001, SOC 2) and regulatory requirements (e.g., GDPR, HIPAA,</p>
<p><b>Automation & Tooling:</b></p>
<p>- Evaluate and integrate cutting-edge DevSecOps tools.</p>
<p>- Develop custom tooling where appropriate to support secure delivery and threat detection.</p>
<p>- Establish and monitor security KPIs and SLAs across</p>
<p><b>Readiness & Collaboration:</b></p>
<p>- Support incident response processes and contribute to forensic analysis and RCA.</p>
<p>- Act as the bridge between security operations and development teams.</p>
<p>- Lead or participate in security assessments, audits, and red/blue team</p>
<p><b>Qualifications:</b></p>
<p>- 6+ years of hands-on experience in DevOps, security engineering, or software development roles, with at least 2 years in a senior or lead DevSecOps role.</p>
<p>- Strong knowledge of CI/CD platforms (GitLab CI, GitHub, Jenkins, Azure DevOps, WebSphere, WebLogic, IIS, Tomcat, Apache, MuleSoft, Maven, ANT, NPM tools, Azure Cloud, Azure Data Factory, Azure Databricks, Adobe Experience Manager, Power Apps, Power Automate, Power BI, Microsoft Fabric, Microsoft Copilot Studio experience, Infrastructure as Code, Kubernetes AKS, etc.).</p>
<p>- Hands-on experience with security testing tools (e.g., SonarQube, Veracode, Checkmarx, Trivy, OWASP ZAP, Burp Suite).</p>
<p>- Proficient with cloud-native security in AWS, Azure, Adobe.</p>
<p>- Deep understanding of container security, Kubernetes, and IaC (Terraform, Ansible,</p>
<p>- Strong scripting or development experience (Python, Bash, PowerShell, Go, etc.).</p>
<p>- Excellent leadership, mentoring, and stakeholder management skills.</p>
<p>- Knowledge of agile/DevOps methodologies and enterprise SDLC best practices.</p>
<p>(ref:hirist.tech)</p>