Senior Infrastructure Security

About Client: Our client is a global digital solutions and technology consulting company headquartered in Mumbai, India. The company generates annual revenue of over $4.29 billion (₹35,517 crore), reflecting a 4.4% year-over-year growth in USD terms. It has a workforce of around 86,000 professionals operating in more than 40 countries and serves a global client base of over 700 organizations.Job Type : C2HRole:Senior Infrastructure Security & Compliance Engineer Experience: 8-12yWork Location:BangalorePayroll on :People Prime World WideNotice :0-15daysJob Description: Senior Infrastructure Security & Compliance Engineer (Zero-Touch GPU Cloud – GitOps-Driven Compliance & Resilience)We are seeking aSenior Infrastructure Security & Compliance Engineerwith 10+ years of experience in infrastructure and platform automation to drive theZero-Touch Build, Upgrade, and Certification pipelinefor our on-prem GPU cloud environment. This role is focused on integratingsecurity scanning, policy enforcement, compliance validation, and backup automationinto a fully GitOps-managed GPU cloud stack, spanning hardware → OS → Kubernetes → platform layers.Key Responsibilities Design and implementGitOps-native workflowsto automatesecurity, compliance, and backup validationas part of the GPU cloud lifecycle. IntegrateTrivyinto CI/CD pipelines for container and system image vulnerability scanning. Automatekube-benchexecution and remediation workflows to enforce Kubernetes security benchmarks (CIS/STIG). Define and enforcepolicy-as-codeusingOPA/Gatekeeperto validate cluster and workload configurations. Deploy and manageVeleroto automate backup and disaster recovery operations for Kubernetes workloads. Ensure that all compliance, scanning, and backup logic isdeclarative and auditablethrough Git-backed repositories. Collaborate with infrastructure, platform, and security teams to define security baselines, enforce drift detection, and integrate automated guardrails. Drive remediation automation and post-validation gates across build, upgrade, and certification pipelines. Monitor evolving security threats and ensure tooling is regularly updated to detect vulnerabilities, misconfigurations, and compliance drift.Required Skills & Experience 10+ years of hands-on experiencein infrastructure, platform automation, and systems security. Primary key skillsrequired are Python/Go/Bash scripting, OPA Rego policy writing, CI integration for Trivy & kube-bench, GitOps Strong knowledge and practical experience with: Trivyfor container, filesystem, and configuration scanning kube-benchfor Kubernetes CIS benchmark compliance Velerofor Kubernetes-native backup and disaster recovery OPA/Gatekeeperfor policy-as-code and admission control Deep understanding of GitOps workflows (e.g., Argo CD, Flux) and how to integrate security tools declaratively. Proven experience automating security, compliance, and backup validation in CI/CD pipelines. Solid foundation in Kubernetes internals, RBAC, pod security, and multi-tenant best practices. Familiarity with vulnerability management lifecycles and security risk remediation strategies. Experience with Linux systems administration, OS hardening, and secure bootstrapping. Proficiency in scripting languages such as Python, Go, or Bash for automation and tooling integration. Bonus: Experience with SBOMs, image signing, or container supply chain security Exposure to regulated environments (e.g., PCI-DSS, HIPAA, FedRAMP) Contributions to open-source security/compliance projectsSeniority Level Mid-Senior level Industry IT Services and IT Consulting Software Development Employment Type Contract Job Functions Information Technology Skills Infrastructure Security Compliance Engineering