DevSecOps Engineer

The DevSecOps Engineer plays a key role in architecting, automating, and maintaining secure, scalable, and resilient infrastructure and deployment pipelines. This position demands strong knowledge of cloud technologies, automation, security principles, and modern DevOps practices. The engineer will operate in an agile, collaborative setup, ensuring security is seamlessly embedded into development workflows and infrastructure operations.

• Provision cloud infrastructure for project teams using IaC.
• Create automation and processes that enable teams to deploy, manage, scale, and monitor applications across cloud platforms.
• Own end-to-end infrastructure and security implementation.
• Facilitate integration across frontend, backend, and cloud systems.
• Develop scripts and automation tools that support software builds, integration, and deployments in both development and production.
• Set up and maintain CI/CD pipelines with efficient change management and release processes.
• Automate configuration management for development, QA, and production workloads.
• Design, enhance, and monitor automation systems to eliminate bottlenecks and boost service uptime.
• Deploy and oversee monitoring tools to track performance, resource usage, and infrastructure health.
• Diagnose and fix system and application issues across environments, including on‑call support for critical incidents.
• Implement configuration management and automate disaster recovery procedures for business continuity.
• Apply security standards and best practices to safeguard organizational data and systems.
• Plan, build, and monitor security architectures, including threat and risk evaluations.
• Conduct security testing, such as vulnerability scans and system hardening, and resolve related incidents.
• Apply secure configurations and follow best practices when implementing security controls in infrastructure and applications.

• Degree or Diploma in Computer Science, Engineering, IT, or a related field.
• Strong drive for automation, standardization, and building best‑practice infrastructure and security setups.
• Solid understanding of the Software Development Life Cycle (SDLC), Test‑Driven Development (TDD), Continuous Integration, and Continuous Delivery.
• Experience handling high‑availability, high‑performance, and highly secure multi‑data‑center or hybrid cloud systems.
• Proficiency in three or more scripting/programming languages (Bash, PowerShell, Python, Go, Node.js).
• Experience using Git with modern branching approaches.
• Hands‑on experience with major cloud providers (AWS, Azure, Google Cloud).
• Experience working with provisioning tools such as Ansible, Terraform, Puppet, or Vagrant.
• Strong understanding of containers (Docker, Kubernetes).
• Familiarity with CNCF tools (Prometheus, Helm, ArgoCD, Istio, Gatekeeper, Crossplane).
• Experience with infrastructure monitoring and observability platforms.
• Ability to troubleshoot deep, complex issues across systems and application stacks.
• Hands‑on experience with CI/CD tools and DevOps platforms (e.g., GitLab).
• Experience with disaster recovery, system backup, and restoration processes.

• Experience embedding security controls into CI/CD and cloud‑native environments.
• Hands‑on experience with vulnerability testing, security assessments, and system hardening.
• Familiarity with enterprise‑grade security tools (Vault, ElasticSearch Enterprise, Tenable, Fortify, Nexus IQ, AWS security tools).
• Strong understanding of networking—firewalls, routing, subnets, and access control.
• Experience performing security assessments in regulated or government environments.

• Experience building AI‑driven applications or using AI agents/platforms.
• Background in organizations that have successfully adopted DevSecOps.
• Practical experience with API security, secrets management, or zero‑trust architectures.
• Understanding of service mesh security (Istio, Linkerd).