DevSecOps Engineer
Location: India
Location: Sri Lanka (Colombo)
Location: Philippines (Metro Manila)
Job description
We are seeking a highly skilled and experienced DevSecOps Engineer to join our dynamic team. In this critical role, you will be responsible for integrating automation and security practices within our DevOps processes across a hybrid environment that includes VMWare, Microsoft Azure, Microsoft Windows, Ubuntu, Kubernetes, GitHub, Microsoft Defender, and Azure DevOps. The ideal candidate will have a strong background in both development and operations, with a deep commitment to automation and security as a fundamental part of the development lifecycle.
Responsibilities
- Develop, implement, and maintain a secure, continuous integration and continuous delivery (CI/CD) pipeline for deploying applications and systems in a hybrid environment.
- Work closely with development, operations, and security teams to integrate security measures seamlessly into development and deployment processes.
- Design and implement automation scripts for efficient deployment and operations across VMWare, Microsoft Azure, Microsoft Windows, Ubuntu, Kubernetes, GitHub, Microsoft Defender, and Azure DevOps platforms.
- Support the conduct of security assessments, risk analysis, and vulnerability testing at different stages of the software development lifecycle and work to remediate any issues found.
- Develop and enforce security best practices, secure coding standards, and guidelines for the IT and development teams.
- Configure and manage security tools and technologies such as Microsoft Defender and Azure Sentinel to monitor and protect against threats.
- Participate in the development and deployment of containerized applications using Kubernetes, ensuring security is integrated into the container lifecycle.
- Stay updated with the latest security threats, trends, and technologies and apply this knowledge to enhance our security posture continuously.
- Facilitate security training and awareness programs for development and operations teams.
- Work with external auditors and consultants as needed to validate security and compliance measures.
Requirements
- Bachelor’s degree in Computer Science, Information Security, or a related work experience.
- Minimum of 3 years of experience in a DevSecOps role, with a proven track record of developing and implementing security practices in a DevOps environment.
- Strong knowledge of cloud services (especially Azure), virtualization (VMWare), and containerization technologies (Kubernetes).
- Experience with both Windows and Linux (Ubuntu) operating systems.
- Proficient in using CI/CD tools (Azure DevOps, GitHub Actions) for automated deployment and testing.
- Solid understanding of security protocols, cryptography, authentication, authorization, and security vulnerabilities.
- Familiarity with security tools and services such as Microsoft Defender, Azure Security Center, and other relevant tools.
- Excellent scripting and automation skills (e.g., PowerShell, Bash, Python).
- Effective communication and collaboration skills, with the ability to work well in a team environment.
- Certifications such as CISSP, CEH, or any relevant Azure certifications are highly desirable.