DevSecOps

Your Role

Lead the design, implementation, and optimization of secure CI/CD pipelines for automating software build, test, and deployment processes, integrating advanced security testing and compliance checks throughout the pipeline.
Architect and implement infrastructure as code solutions using advanced automation tools and techniques such as Terraform, Ansible, or CloudFormation, with a focus on security and compliance.
Design and implement secure containerization and orchestration platforms using advanced techniques such as Kubernetes RBAC, PodSecurityPolicies, and network policies for workload isolation and defense in depth.
Implement and manage advanced security monitoring and logging solutions using tools such as Prometheus, Grafana, ELK stack with a focus on real-time threat detection and incident response.
Monitor and optimize the performance, reliability, and scalability of Kafka clusters, and implement proactive measures to detect and mitigate potential issues.
Design and implement automated ML workflows and pipelines, ensuring reproducibility and scalability of ML experiments.
Lead the integration of advanced security scanning tools such as SAST, DAST, IAST, and dependency scanning into CI/CD pipelines, and implement automated remediation strategies for security vulnerabilities.
Mentor and coach junior DevSecOps engineers, providing guidance and support in implementing security best practices and leveraging advanced security technologies.
Stay current with emerging technologies, industry trends, and best practices in DevSecOps, cloud security, container security, and infrastructure as code, and lead the adoption of new technologies and methodologies.

What You Will Bring

Bachelor's degree in Computer Science, Engineering, or related field (or equivalent work experience).
8+ years of experience working as a DevSecOps Engineer, with a proven track record of architecting and implementing secure CI/CD pipelines and cloud infrastructure.
Extensive hands-on experience with CI/CD tools such as Jenkins, GitLab CI/CD, or CircleCI, and proficiency in scripting languages such as Bash, Python, or Ruby.
Advanced expertise in infrastructure as code tools such as Terraform, Ansible, or CloudFormation, and containerization and orchestration platforms such as Docker and Kubernetes.
Deep understanding of security testing tools and techniques, including SAST, DAST, IAST, dependency scanning, and vulnerability management tools.
Strong knowledge of cloud security best practices and experience with cloud platforms such as AWS, Azure, or Google Cloud Platform, including advanced security services and features.
Excellent understanding of security standards and compliance frameworks such as CIS benchmarks, GDPR, HIPAA, or SOC 2, and experience implementing security controls and audit requirements.
Strong leadership and communication skills, with the ability to effectively lead and mentor cross-functional teams and drive security initiatives across the organization.