Devsecops & Threat Modelling Engineer

1 month ago

Bengaluru, India CyRAACS™ Full time

The ideal candidate will be responsible for maintaining product and industry knowledge. You will work in a team-oriented environment that accelerates operational efficiency.

Responsibilities


• Work along with the Development/DevOps team to integrate application security tools in CI/CD pipeline.

• To understand the supply chain attack in SDLC and Create, develop, and implement security measures/tools in CI/CD pipeline for optimising the Secure SDLC.

• Work with development, operations, and security teams to validate the false/true positives vulnerabilities and exception process.

• Work with Development/DevOps team to close the vulnerabilities, security misconfigurations and Runtime Threats found in the in CI/CD pipeline, Cloud and Production Environment

• Conduct Pentest for Kubernetes clusters to find security issues and implement improvement measures.

• Create and deploy IaC such as Helm and Terraform codes for deploying the security tools in K8s environment.

• Work closely with the Developers/DevOps teams to investigate threats and respond to security incidents.

• Evaluate new security policies and tools in Kubernetes Environment and responsible to work with the DevOps team to implement the security policies in each product.

• To understand the application process, Create and Implement K8s Policy configurations for each product in production environment.

• A strong foundation in security principles and concepts, including confidentiality, integrity, availability, authentication, authorization, encryption, and secure coding practices.

• Proficiency in threat modelling methodologies and tools to identify and assess potential security threats and vulnerabilities in software and systems.

• Deep interest in application specific vulnerabilities, infrastructure knowledge.

• Experience in collecting, analysing, and interpreting qualitative and quantitative data from defined application security services related sources (tools, monitoring techniques etc.)

• In-depth knowledge of security architecture design and best practices, including secure design patterns, access control, and data protection

• Knowledge of cloud security frameworks (e.g., AWS Well-Architected Framework, Azure Security Benchmark) to assess and improve security measures.

• Familiarity with security standards and frameworks, such as OWASP Top Ten, NIST Cybersecurity Framework, ISO 27001, and CIS Controls.

• Ability to conduct risk assessments to evaluate the potential impact and likelihood of security risks and provide risk mitigation strategies.

• Familiarity with security testing tools like vulnerability scanners, penetration testing tools, and code analysis tools.

• Understanding of network and system architecture, protocols, and configurations to assess security at the infrastructure level.

• Understanding of industry-specific regulations, compliance requirements, and security challenges relevant to the organization's sector (e.g., healthcare, finance, or government).

• Awareness of the current threat landscape, emerging security threats, and attack vectors. • Familiarity with software development methodologies (e.g., Agile, DevOps) to integrate security into the development process.

• Experience with performing application threat modelling using tools and manual techniques

• Understanding of leading vulnerability scoring standards, such as CVSS, and ability to translate vulnerability severity as security risk.

• Knowledge of cloud environments and deployment solutions such as server less computing.

• Possession of excellent oral and written communication skill.


Qualifications


• 3+ years of related job experience

• Comprehensive technical expertise in a variety of DevSecOps toolkits, including Ansible, Jenkins, Artifactory, Jira, Terraform, Git/Version Control Software, or comparable technologies.

• Familiarity with information security frameworks and standards such as PCI-DSS, HIPPA, NIST, GDPR, CIS, and OWASP Top 10.

• Knowledge of DevOps Automation (Terraform, Helm, GitHub, GitHub Actions)

• Knowledge of K8s, Linux, SIEM, and SOC or similar services

• Knowledge of cloud platforms Azure, AWS, and Google Cloud.

• Familiarity with API Security, Application Security, Container Security, and Cloud Security

• Good knowledge of Logging, Monitoring, and Security tools such as ELK Stack,Prometheus, and Grafana.

• Knowledge of databases such as MySQL, PostgreSQL, MongoDB, and Redis

• Familiarity with CNAPP tools and managing the Compliance Scanning, Runtime Container Security and Policy Configurations.

  • Devsecops & Threat Modelling Engineer

    4 weeks ago

    Bengaluru, India CyRAACS™ Full time

    The ideal candidate will be responsible for maintaining product and industry knowledge. You will work in a team-oriented environment that accelerates operational efficiency. Responsibilities • Work along with the Development/DevOps team to integrate application security tools in CI/CD pipeline. • To understand the supply chain attack in SDLC and...

  • Devsecops & Threat Modelling Engineer

    4 weeks ago

    Bengaluru, India CyRAACS™ Full time

    The ideal candidate will be responsible for maintaining product and industry knowledge. You will work in a team-oriented environment that accelerates operational efficiency. Responsibilities• Work along with the Development/DevOps team to integrate application security tools in CI/CD pipeline.• To understand the supply chain attack in SDLC and Create,...

  • Devsecops & Threat Modelling Engineer

    1 month ago

    Bengaluru, India CyRAACS™ Full time

    The ideal candidate will be responsible for maintaining product and industry knowledge. You will work in a team-oriented environment that accelerates operational efficiency. Responsibilities• Work along with the Development/DevOps team to integrate application security tools in CI/CD pipeline.• To understand the supply chain attack in SDLC and Create,...

  • Devsecops & Threat Modelling Engineer

    2 weeks ago

    Bengaluru, Karnataka, India CyRAACS™ Full time

    The ideal candidate will be responsible for maintaining product and industry knowledge. You will work in a team-oriented environment that accelerates operational efficiency. Responsibilities • Work along with the Development/DevOps team to integrate application security tools in CI/CD pipeline. • To understand the supply chain attack in SDLC and...

  • Devsecops & Threat Modelling Engineer

    2 weeks ago

    Bengaluru, Karnataka, India Cyraacs™ Full time

    The ideal candidate will be responsible for maintaining product and industry knowledge.You will work in a team-oriented environment that accelerates operational efficiency.Responsibilities Work along with the Development/Dev Ops team to integrate application security tools in CI/CD pipeline. To understand the supply chain attack in SDLC and Create, develop,...

  • Threat Modelling Specialist

    1 week ago

    Bengaluru, India Brillio Full time

    We are hiring for Threat Modelling SpecialistExp level: 6 to 10 Yearslocation: BangalorePreferred immediate to 30 days joinersShift: Rotational shiftMode: HybridJD:The Threat Modeling Specialist is responsible for identifying, analyzing, and mitigating potential security threats to the organization’s systems and applications.This role involves developing...

  • Threat Modelling Specialist

    2 weeks ago

    Bengaluru, Karnataka, India Brillio Full time

    We are hiring for Threat Modelling Specialist Exp level: 6 to 10 Years location: Bangalore Preferred immediate to 30 days joiners Shift: Rotational shift Mode: Hybrid JD: The Threat Modeling Specialist is responsible for identifying, analyzing, and mitigating potential security threats to the organization's systems and applications. This role...

  • Senior Security Engineer

    2 weeks ago

    Bengaluru, India Standard Chartered Bank Full time

    RESPONSIBILITIESPartner with stakeholders to learn and understand a wide variety of threat model subjectsResponsible for building cyber threat models following the defined standardsResponsible for writing and maintaining the documentation relating threat models and technical architecture of analyzed systemsResponsible to execute cyber-attack simulations...

  • Senior DevSecOps fullstack Engineer

    2 weeks ago

    Bengaluru, Karnataka, India Standard Chartered Bank Full time

    RESPONSIBILITIESPartner with stakeholders to learn and understand a wide variety of threat model subjectsResponsible for building cyber threat models following the defined standardsResponsible for writing and maintaining the documentation relating threat models and technical architecture of analyzed systemsResponsible to execute cyber-attack simulations...

  • DevSecOps - SaaS Engineering

    4 days ago

    Bengaluru, India Nutanix Full time

    The OpportunityWe are seeking an experienced and highly skilled Senior DevSecOps Professional to lead our DevSecOps initiatives and drive the implementation of security best practices across our organization. As a Senior DevSecOps Professional, you will be responsible for architecting, implementing, and maintaining secure, automated development and...

  • Threat Modelling Specialist

    2 weeks ago

    Greater Bengaluru Area, India Brillio Full time

    We are hiring for Threat Modelling SpecialistExp level: 6 to 10 Yearslocation: BangalorePreferred immediate to 30 days joinersShift: Rotational shiftMode: HybridJD:The Threat Modeling Specialist is responsible for identifying, analyzing, and mitigating potential security threats to the organization's systems and applications. This role involves developing...

  • Threat Modelling Specialist

    2 weeks ago

    Greater Bengaluru Area, India Brillio Full time

    We are hiring for Threat Modelling SpecialistExp level: 6 to 10 Yearslocation: BangalorePreferred immediate to 30 days joinersShift: Rotational shiftMode: HybridJD:The Threat Modeling Specialist is responsible for identifying, analyzing, and mitigating potential security threats to the organization’s systems and applications. This role involves developing...

  • Lead, DevSecOps

    2 months ago

    Bengaluru, India Standard Chartered Bank Full time

    RESPONSIBILITIES Partner with stakeholders to learn and understand a wide variety of threat model subjects Responsible for building cyber threat models following the defined standards Responsible for writing and maintaining the documentation relating threat models and technical architecture of analyzed systems Responsible to execute cyber-attack...

  • Senior DevSecOps fullstack Engineer

    4 weeks ago

    Bengaluru, India Standard Chartered Bank Full time

    RESPONSIBILITIES Partner with stakeholders to learn and understand a wide variety of threat model subjects Responsible for building cyber threat models following the defined standards Responsible for writing and maintaining the documentation relating threat models and technical architecture of analyzed systems Responsible to execute cyber-attack...

  • DevSecOps - SaaS Engineering

    4 weeks ago

    Bengaluru, India Nutanix Full time

    The Opportunity We are seeking an experienced and highly skilled Senior DevSecOps Professional to lead our DevSecOps initiatives and drive the implementation of security best practices across our organization. As a Senior DevSecOps Professional, you will be responsible for architecting, implementing, and maintaining secure, automated development and...

  • DevSecOps - SaaS Engineering

    2 weeks ago

    Bengaluru, Karnataka, India timesjobs Full time

    # DevSecOps## SaaS Engineering Engineering - India Bangalore, India### ReqNum:26774Hungry, Humble, Honest, with Heart.### The OpportunityWe are seeking an experienced and highly skilled Senior DevSecOps Professional to lead our DevSecOps initiatives and drive the implementation of security best practices across our organization. As a Senior DevSecOps...

  • DevSecOps - SaaS Engineering

    4 weeks ago

    Bengaluru, Karnataka, India timesjobs Full time

    # DevSecOps## SaaS Engineering Engineering - India Bangalore, India### ReqNum:26774Hungry, Humble, Honest, with Heart.### The OpportunityWe are seeking an experienced and highly skilled Senior DevSecOps Professional to lead our DevSecOps initiatives and drive the implementation of security best practices across our organization. As a Senior DevSecOps...

  • DevSecOps - SaaS Engineering

    4 weeks ago

    Bengaluru/ Bangalore, India timesjobs Full time

    # DevSecOps## SaaS Engineering Engineering - India Bangalore, India### Req.Num.: 26774**Hungry, Humble, Honest, with Heart.**### The OpportunityWe are seeking an experienced and highly skilled Senior DevSecOps Professional to lead our DevSecOps initiatives and drive the implementation of security best practices across our organization. As a Senior DevSecOps...

  • DevSecOps - SaaS Engineering

    2 weeks ago

    Bengaluru, Karnataka, India Nutanix Full time

    Hungry, Humble, Honest, with Heart.The OpportunityWe are seeking an experienced and highly skilled Senior DevSecOps Professional to lead our DevSecOps initiatives and drive the implementation of security best practices across our organization. As a Senior DevSecOps Professional, you will be responsible for architecting, implementing, and maintaining secure,...

  • DevSecOps - SaaS Engineering

    4 weeks ago

    Bengaluru, Karnataka, India Nutanix Full time

    Hungry, Humble, Honest, with Heart.The OpportunityWe are seeking an experienced and highly skilled Senior DevSecOps Professional to lead our DevSecOps initiatives and drive the implementation of security best practices across our organization. As a Senior DevSecOps Professional, you will be responsible for architecting, implementing, and maintaining secure,...