Designation : DevSecOps Engineer

Location : Pune

Job Description :

A DevSecOps engineer is a skilled security professional who ensures that security is seamlessly and effectively integrated with the software development life cycle (SDLC). DevSecOps is a collaborative framework where security is placed at the forefront in developing applications and handling entire network operations. The roles and responsibilities of a DevSecOps engineer are extensive. From optimizing software processes to ensuring a network free from security vulnerabilities.

Roles and Responsibilities :

Methodology & Implementation :

• Implement best practices and secure software development methodology (security by design, secure coding, SAST/DAST, code review, …)
• Ensure compliance with security policies requirements and operational risks standards (E.g. Network, Firewall, OS, Logging, Monitoring, Availability, Resiliency)
• Provide recommendation, with user stories, on approach and automation related to security.

Security Operations/tooling

• Integrate, configure, deploy and manage centrally provided common cloud services (e.g. IAM, networking, logging, Operating systems, Containers) as well as shared service applications on cloud (e.g. Jenkins, Nexus, GitLab Runners, Vault)
• Ensure that capabilities are deployed through a continuous integration and development pipelines with security requirements satisfied at the time of deployment
• Automate security controls
• Engineer cloud solutions using Infrastructure As Code methods (Terraform, Ansible…)
• Help with the release management of new software into the production platform.
• Implement and follow-up security measurements (KPIs , metrics, …)

Essential Skills :

• Highly motivated individual with DevOps skillset having Minimum of 3 years of focused experience on security practices or equivalent practical experience.
• Work with the cloud engineering team and system engineering team to create effective CI/CD implementations, helping to configure and maintain them
• Work with operational teams to ensure security tools installation/configuration/maintenance, documentation
• Work in collaboration with 1st line of defence on providing assistance to assess security issues
• Work inside a scrum team with DEV and QA roles.
• Bring DevOps and Security mindset into the team and support the team to resolve challenges
• Take care of the build, release and deployment of artefacts for the team  
• Strong understanding of Continuous Integration and Continuous Delivery concepts.
• Strong scripting skills on ANT and/or Maven, Shell.
• Strong understanding and experience of managing and working with docker containers.
• Strong experience with code repositories like GIT including migration and backup.
• Proficiency in working with Kubernetes, Puppet & terraform

Preferred Skills :

• Understanding of Agile delivery methodology.
• Good Knowledge of Python and Ansible
• Good knowledge of Integrated development platform (Eclipse).

Soft Skills :

• Should possess very good communication skills
• Should possess very good Inter personnel skills
• Should possess very good analytical skills