Lead DevSecOps Engineer

About Us:slice the way you bankslice’s purpose is to make the world better at using money and time, with a major focus on building the best consumer experience for your money. We’ve all felt how slow, confusing, and complicated banking can be. So, we’re reimagining it. We’re building every product from scratch to be fast, transparent, and feel good, because we believe that the best products transcend demographics, like how great music touches most of us.Our cornerstone products and services: slice savings account, slice UPI credit card, slice UPI, slice UPI ATMs, slice fixed deposits, slice borrow, and UPI-powered bank branch are designed to be simple, rewarding, and completely in your control. At slice, you’ll get to build things you’d use yourself and shape the future of banking in India. We tailor our working experience with the belief that the present moment is the only real thing in life. And we have harmony in the present the most when we feel happy and successful together.We’re backed by some of the world’s leading investors, including Tiger Global, Insight Partners, Advent International, Blume Ventures, and Gunosy Capital.About the team:If you’ve ever wondered what keeps a digital financial platform both blazing fast and super secure, the answer lies in the invisible work of engineers like us. At slice, we don’t just build products, we engineer trust trust that our systems are resilient, secure, and seamless for millions of users. Here, you won’t just be writing automation scripts or firewall rules, you’ll be designing guardrails for the future of digital banking. And you’ll have a team that has your back no matter how tricky the cloud puzzle looks.About the role:We’re looking for a hands-on Lead DevSecOps Engineer who’s excited about blending cloud infrastructure, security tooling, and automation into a robust developer and security platform. You’ll be securing our Kubernetes clusters, taming AWS services, streamlining our security pipelines, and making vulnerabilities disappear before anyone knows they existed.This is a high-impact role for someone who loves working on production-grade environments and cares equally about scalability and security. Here, your work will directly protect critical workloads while enabling developers to move faster.What will you do:- Design, configure, and secure core AWS services including VPC, TGW, VPN, security groups, and networking access. - You will collaborate closely with the Infosec team to recommend and implement security best practices. - Partner with Application and Infrastructure teams to understand their SecOps requirements and support the implementation of security solutions. - Identify security gaps and drive initiatives aligned with business goals to strengthen overall security posture. - Strengthen Kubernetes/EKS clusters with best practices around RBAC, secrets management, runtime security, and policy-as-code. - Implement and manage AWS security tools – IAM (SSO/Identity Center), SecurityHub, GuardDuty, Config, KMS, and Control Tower guardrails. - Security Harden and maintain next-gen firewalls (Palo Alto, Fortinet) and their integration into our AWS workloads, setup security observability. - Integrate security scanning into CI/CD pipelines (Trivy, SonarQube, Codecov, Inspector) to enforce quality gates. - Set up and tune CSPM and SIEM platforms, and deploy WAF (Cloudflare), IDS/IPS solutions for active threat detection and mitigation. - Build secure automation workflows using Linux fundamentals, scripting, and IaC for repeatable, auditable infrastructure. - Partner with developers and platform engineers to enforce security without slowing down delivery.What you will need:- 6-10 years of experience in DevSecOps, Cloud Security, or Platform Engineering. - Strong working knowledge of AWS core and security services (IAM, GuardDuty, SecurityHub, Config, Control Tower, KMS). - Experience managing and securing Kubernetes/EKS workloads, with focus on RBAC, secrets, and runtime security. - Solid understanding of AWS networking and security fundamentals (VPNs, VPCs, TGW, firewalls, routing). - Practical knowledge of CSPM, SIEM, IDS/IPS, WAF solutions (Cloudflare) and firewall appliances (Palo/Fortinet). - Familiarity with code quality and security scanning tools like SonarQube, Codecov, Trivy, Inspector. - Strong fundamentals in Linux/Unix, scripting (Bash/Python), and cloud automation. - Curiosity, eagerness to learn, and the ability to balance speed with security.Life at sliceLife so good, you’d think we’re kidding:- Competitive salaries. Period. - Comprehensive medical insurance for you & your family — because we’ve got your back in and out of work. - Flexible work hours, but don’t ping us at 3AM (seriously). - Leaves & vacations crafted so you never miss what matters in life. - Recognition & rewards that turn big and small wins into celebrations. - A culture of learn and grow — upskilling opportunities, certifications, and hands-on exposure to cutting-edge tech. - And yes, food, games, and a workspace that feels less like an office and more like your second home.