Job Description: We are seeking a highly skilled DevSecOps Engineer to join our growing team and take ownership of integrating security throughout the DevOps lifecycle. You will collaborate with engineering, operations, and security teams to build secure, automated pipelines that ensure compliance, resilience, and rapid delivery of software solutions across cloud-native environments. 🔧 Key Responsibilities: • Embed security controls and practices across CI/CD pipelines and infrastructure. • Implement and manage security tooling: SAST, DAST, secret scanning, dependency scanning, container scanning. • Automate security testing and compliance enforcement using tools like Snyk, SonarQube, Veracode, Checkmarx, etc. • Collaborate with developers to remediate vulnerabilities and integrate secure coding practices. • Design and manage Infrastructure as Code (IaC) using Terraform, Ansible, or CloudFormation. • Build secure container images and ensure Kubernetes (K8s) security hardening. • Conduct threat modeling, risk analysis, and implement OWASP Top 10 security controls. • Monitor systems using tools like CloudWatch, Splunk, ELK, and handle incident response in cloud environments. • Champion DevSecOps culture and mentor teams on security automation best practices. ⚙️ Required Skills & Experience: • 4–8 years of experience in DevSecOps, Cloud Security, or Application Security roles. • Strong hands-on experience with AWS, Azure, or GCP cloud security principles. • Proficiency in scripting languages such as Python, Bash, or Go. • Expertise in CI/CD tools: GitLab CI/CD, Jenkins, GitHub Actions, etc. • Hands-on with container platforms: Docker, Kubernetes (K8s), EKS/AKS/GKE. • Knowledge of SAST, DAST, SCA, secret detection, and automated testing integration. • Familiar with IAM policies, network segmentation, KMS, and cloud-native security services. • Working knowledge of threat modeling and vulnerability management processes. • Strong understanding of compliance standards: NIST, SOC2, ISO27001, etc.