DevSecOps Engineer

Role: DevSecOps Engineer

Position: Full Time

Job Location: Hyderabad/Coimbatore/Bangalore

Experience: 6-9

WFO

Position Summary:

We are seeking an experienced and dedicated DevSecOps Engineer to join our team. This role involves building, maintaining, and securing our SaaS environments on AWS and/or Azure. The ideal candidate will bring a security-first mindset, leveraging cloud infrastructure tools like Terraform, Kubernetes, and monitoring tools to establish a robust and secure platform.

What you'll do

• Cloud Infrastructure Management: Design, build, and maintain scalable, reliable SaaS environments on AWS and/or Azure.
• Infrastructure as Code (IaC): Utilize Terraform to build and manage cloud infrastructure, ensuring consistency and repeatability.
• Containerization: Develop, manage, and maintain Kubernetes clusters for containerized applications.
• Observability and Monitoring: Implement and manage observability tools for monitoring (logging, tracing, metrics) and ensure real-time visibility into the system’s health.
• Security Operations: Develop and enforce security policies, manage key infrastructure, and ensure encryption at rest and in transit.
• Security Monitoring: Monitor and triage security alerts from AWS Security Hub, AWS Guard Duty, Azure Defender, and Security Center, handling incidents as they arise.
• Compliance and Risk Management: Support compliance efforts (SOC2, ISO 27001, etc.) by implementing necessary controls and performing regular audits.

What we are looking for

General Requirements

• Minimum of 5+ years of experience designing, building, and maintaining SaaS environments on AWS and/or Azure.
• Proficiency in using Terraform to manage cloud infrastructure.
• Hands-on experience with Kubernetes cluster setup and management.
• Strong knowledge of observability tools for monitoring, logging, tracing, and metrics, with a focus on security monitoring.

Security-Specific Requirements

• Proven experience in security operations, including creating security policies, managing key infrastructure, and setting up encryption protocols.
• Familiarity with triaging and managing alerts from AWS Security Hub, AWS Guard Duty, Azure Defender, and Security Center.
• Experience with Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) tools.
• Knowledge of compliance methodologies, specifically SOC2, ISO 27001, or equivalent standards.

Preferred Skills:

• Strong scripting skills for automation (Python, Bash, or similar).
• Familiarity with CI/CD pipelines and secure software development practices.
• Excellent troubleshooting skills and ability to work collaboratively in a cross-functional team environment.