Sr.Platform SecDevOps Engineer

Position Details : Combines Security Practices with Kubernetes platform engineering and advanced scripting abilities.

Direct Reporting to : Chief Software Architect

Job Responsibilities :

Setup and deployment of Kubernetes production and development clusters in-premise and in the cloud (preference for AWS).

• Scripting Kubernetes cluster setup for easy replication across different production sites.
• Practicing established security frameworks such as CISMP, CISA, or CISSP.
• Setting up necessary plugins for Kubernetes, like Platform CSI driver and horizontal autoscaler.
• Configuring ingress traffic and establishing secure network policies.
• Automating certificate management.
• Implementing alerting systems for high resource consumption and monitoring critical systems.
• Providing solutions for observing and accessing Kubernetes logs without direct server access.
• Introducing RBAC security policies for different user access levels.
• Practicing Infrastructure-as-Code with tools like Pulumi, Terraform, Ansible, Bash, Python, or GoLang for easy expansion.
• Securing internal Kubernetes endpoints from unauthorized access.
• Assisting in triaging, troubleshooting, and resolving Kubernetes issues during testing and production.
• Identifying and resolving middleware and platform bottlenecks for performance optimization.
• Staying updated with technological developments and integrating new tools to prevent breaches.
• Demonstrating a willingness to learn and grow professionally.
• Serving as the curator of DevOps and Security playbooks and runbooks, guiding peers as needed.
• Collaborating with management to deliver a seamless product experience.

Qualifications include a Master’s Degree in Electronics or Computer Science, with a background in secure networking, virtualization, and SecDevOps principles.

• 8+ years in SecDevOps, SRE, and security frameworks (CISMP or CISA certification preferred).
• 3+ years managing production Kubernetes clusters.
• Experience with Kubernetes operators, Helm charts, Istio, Grafana, Prometheus, Jaeger, EFK/ELK stack, and SIEM tools like Elastic SIEM.
• Proficiency in high-level programming languages such as Go, Python, C, C++, Java, C#, or Ruby.
• Experience with network hardware and software load balancers (Barracuda, F5, HAProxy).
• Ability to automate health checks, setup anomaly detection frameworks, and manage multi-cluster environments.
• Experience with IoT ecosystems is strongly preferred.