DevSecOps Security Engineer with Splunk Expertise

Job description

About Quess IT Staffing:
Hiring the right professionals in the IT industry can be a challenging endeavor.

At Quess IT Staffing, we specialize in connecting organizations with IT talent who not only possess the skills needed but also align with the client organization's vision and goals.

This commitment has helped us become one of the largest and most sought-after IT staffing companies in India.
Our professional staffing solutions are strategically designed to help businesses secure highly qualified candidates, whether seasoned experts, niche specialists, or those with unique technical skills.

Beyond staffing, we provide tailored IT solutions including Digital Workplace Services, Cloud & Datacenter Services, and Managed Network Services, ensuring your infrastructure is robust and operations run seamlessly.
As India’s largest and a global leader in staffing and workforce solutions, Quess empowers businesses to boost productivity through deep domain expertise and a future-ready workforce powered by AI-driven digital platforms.

With a strong presence across 8 countries, a workforce exceeding 460,000 professionals, and over 3,000 clients worldwide, Quess has grown from a start-up to an industry powerhouse in just 17 years, delivering transformative impact across sectors.

We offer a comprehensive range of technology-driven staffing and managed outsourcing services, serving leading industries such as BFSI, Retail, Telecom, Manufacturing, IT, GCCs, BPO services, and more.
Job Title: DevSecOps Security Engineer — with Splunk Expertise
Experience : 6+ Years
Location: Chennai
Job Type: Work from Office
Indian Shift Timing: 2:00 PM - 11:00 PM IST
Notice period: Immediate Joiner
Overview:
The DevSecOps Security Engineer will embed security into modern delivery for our customer environment , while also providing Splunk engineering support to our internal team.

Based in Chennai, India, this hands-on role partners with local Engineering/DevOps to secure CI/CD pipelines, Kubernetes workloads, and runtime environments in alignment with enterprise standards.

Experience with API and Bot security is a plus.
• Primary focus: Customer DevSecOps enablement (pipelines, IaC guardrails, Kubernetes hardening, runtime detection/response, observability)
• Secondary focus: Internal Splunk SME work (use cases, onboarding, dashboards, compliance reporting)
• Target allocation: ~80% Customer DevSecOps / ~20% Internal Splunk (subject to business needs)
Key Responsibilities
A) Customer DevSecOps Enablement
Pipeline Security: Integrate automated scans (SAST, SCA, IaC, container) into CI/CD (GitHub, Jenkins, Argo CD); enforce quality gates and break-glass workflows.
IaC Guardrails: Implement policy-as-code for Terraform/Helm/manifests; codify baselines, waivers, and approvals in version control.
Kubernetes Security: Apply CIS Benchmarks; enforce admission controls; implement least-privilege RBAC, network policies, image signing/attestations, and runtime defenses.
Secrets & Identity: Harden secrets management; align to Zero Trust and least-privilege access patterns.
Compliance Mapping: Align detections/controls to MITRE ATT&CK, CIS, NIST, and PCI where applicable; produce audit-ready artifacts (e.g., SBOMs and attestations).
API & Bot Security (Strongly Preferred): Implement API discovery/cataloging and API threat modeling; enforce WAAP/edge/CDN policies and rate limiting; deploy bot detection/mitigation and fraud signals.
B) Observability & Runtime Protection
Runtime Monitoring: Deploy vulnerability, misconfiguration, drift, and anomaly detection across clusters and services.
Telemetry & Dashboards: Build real-time observability with Grafana, OpenTelemetry, and OpenSearch.
On-Call & Escalations: Configure PagerDuty and ticketing (Jira/ServiceNow); reduce MTTR with clear ownership and runbooks.
IR Enablement: Partner with SOC/IR for evidence collection, triage, post-incident reviews, and improvement actions.
C) Splunk (Internal Team Support)
Log Onboarding & Tuning: Integrate new data sources, perform field extractions, apply lifecycle policies; maintain index health.

(Nice to have: ingest API gateway/WAAP/bot telemetry.)
Detection Engineering: Author/tune SPL searches and correlation rules; map detections to MITRE/CIS; reduce false positives.
Dashboards & Reporting: Deliver detection/operations dashboards and automated compliance/audit reports.
Platform Care: Support upgrades, performance tuning, license utilization, and app maintenance.
D) Delivery, Documentation & Stakeholders
Execution: Own Jira epics/stories; deliver against roadmap with measurable outcomes.
Docs & Runbooks: Maintain Confluence runbooks, playbooks, standards, and architecture diagrams.
Communication: Provide weekly status, risk/issue tracking, and stakeholder updates (customer + internal).
Qualifications
Bachelor’s in Computer Science, Cybersecurity, or related field; advanced degree a plus.
Hands-on DevSecOps experience across CI/CD, Kubernetes, and cloud-native platforms.
Strong IaC security and policy-as-code (Terraform/Helm/Git-based guardrails).
Kubernetes security (CIS, admission controls, image signing/attestations, RBAC, Pod Security admission, network policies).
Observability: Grafana, OpenTelemetry, OpenSearch ; on-call tooling (PagerDuty) .
Splunk (Required): data onboarding, SPL, dashboards, correlation rules, compliance reporting, and performance tuning.
Scripting/automation (REST, CLI, Ansible, Terraform); familiarity with SOAR, Jira/ServiceNow.
Experience with CNAPP/CSPM platforms (Prisma Cloud and/or Wiz).
API & Bot Security (Strongly Preferred): API discovery/cataloging; API threat modeling; WAAP/edge/CDN policies; rate limiting; bot detection/mitigation & fraud signals.

Akamai/Cequence experience is a plus.
Strong troubleshooting, stakeholder communication, and cross-team collaboration skills.

Required Skill Profession

Computer Occupations