DevSecOps Engineer - Vulnerability Assessment

<p><p><b>Job Description :</b></p><p><br/></p><p><p><b>Key Responsibilities :</b></p><p><br/></p>- Implement and manage security controls across CI/CD pipelines.<br/><br/></p><p>- Conduct security reviews, vulnerability assessments, and penetration testing.<br/><br/></p><p>- Automate security testing using tools such as Snyk, SonarQube, Checkmarx, or OWASP ZAP.<br/><br/></p><p>- Work closely with DevOps and development teams to remediate security issues.<br/><br/></p><p>- Implement container and Kubernetes security best practices.<br/><br/></p><p>- Ensure compliance with security standards (ISO 27001, SOC 2, GDPR, etc.).<br/><br/></p><p>- Monitor and respond to security incidents within cloud and on-prem environments.<br/><br/></p><p>- Develop and maintain Infrastructure as Code (IaC) with embedded security practices.<br/><br/></p><p>- Provide security training and awareness to development and DevOps Skills & Qualifications :</b></p><p><b><br/></b></p>- Bachelors degree in Computer Science, Information Security, or related field.<br/><br/></p><p>- 4 - 8 years of experience in DevOps, Cloud Security, or Application Security.<br/><br/></p><p>- Strong hands-on experience with CI/CD tools (Jenkins, GitLab CI/CD, Azure DevOps, etc.).<br/><br/></p><p>- Proficiency in cloud platforms (AWS, Azure, or GCP) with a focus on security services.<br/><br/></p><p>- Experience with container security (Docker, Kubernetes, EKS/AKS/GKE).<br/><br/></p><p>- Knowledge of IaC tools (Terraform, Ansible, CloudFormation) with security integration.<br/><br/></p><p>- Familiarity with security frameworks and tools (OWASP, NIST, CIS Benchmarks).<br/><br/></p><p>- Proficiency in scripting languages (Python, Bash, PowerShell, etc.).</p><p><br/></p><p>- Strong understanding of network and application security principles.</p><br/></p> (ref:hirist.tech)