Resume List:

DevSecOps Engineer

Photon
Bengaluru, Karnataka, India
Jul 25, 2024
Jul 25, 2025
Onsite
Full-Time
3 Years
Job Description

We are seeking a skilled and experienced DevSecOps Engineer with a strong specialization in Google Cloud Platform (GCP) to join our dynamic team. The ideal candidate will have a deep understanding of security best practices, automation tools, and cloud technologies. You will play a crucial role in integrating security into our development processes and ensuring the security of our applications and infrastructure.

Experience. 3+ Years

Key Responsibilities

  1. Collaborate Across Teams. Work closely with development, operations, and security teams to embed security best practices into the software development lifecycle.
  2. Implement Security in CI/CD Pipelines. Apply a Shift Left approach to integrate security measures into CI/CD pipelines, including scanning and updating Infrastructure as Code (IaC) for benchmarks and industry best practices.
  3. Design and Maintain Security Automation. Develop and maintain security automation tools and monitoring solutions to proactively identify and address vulnerabilities in applications and infrastructure.
  4. Conduct Security Assessments. Perform regular security assessments, penetration testing, and vulnerability scanning to identify and mitigate potential risks.
  5. Develop Security Policies. Create and maintain security policies, guidelines, and procedures to ensure secure development practices across the organization.
  6. Incident Management. Monitor and analyze security incidents, improve security measures, and assist in incident response and remediation efforts.
  7. Compliance and Training. Ensure compliance with relevant industry regulations (e.g., GDPR, HIPAA, PCI DSS) and educate development and operations teams on secure coding practices and the latest security trends.
  8. Evaluate New Technologies. Continuously evaluate and recommend new security technologies and best practices to enhance the organization's security posture.

Key Skills and Qualifications

  1. Educational Background. Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience.
  2. Security Practices. Strong understanding of secure software development practices, including OWASP Top Ten, secure coding principles, and threat modeling.
  3. Tools and Technologies. Familiarity with security tools such as vulnerability scanners, intrusion detection systems, firewalls, and encryption technologies.
  4. IaC Expertise. Proficiency with Terraform for Infrastructure as Code (IaC).
  5. Programming Skills. Experience in programming or scripting languages such as Python, Ruby, JavaScript, or Go.
  6. CI/CD and Containerization. Experience with CI/CD pipelines, automation tools, and containerization technologies (e.g., Jenkins, GitHub Actions, GitLab CI/CD, Docker, Kubernetes).
  7. Cloud Security. Knowledge of cloud platforms (AWS, Azure, GCP) and their respective security services, best practices, and compliance requirements.
  8. Analytical and Communication Skills. Strong problem-solving and communication skills.
  9. Certifications. Relevant industry certifications (e.g., CISSP, CEH, CompTIA Security+) are a plus.

Join us and be a part of a forward-thinking team that values security, innovation, and collaboration. Apply now to contribute to securing our digital infrastructure and shaping the future of our organization's security practices.