Designation : DevSecOps Engineer
Location : Pune
Job Description :
A DevSecOps engineer is a skilled security professional who ensures that security is seamlessly and effectively integrated with the software development life cycle (SDLC). DevSecOps is a collaborative framework where security is placed at the forefront in developing applications and handling entire network operations. The roles and responsibilities of a DevSecOps engineer are extensive. From optimizing software processes to ensuring a network free from security vulnerabilities.
Roles and Responsibilities :
Methodology & Implementation :
Implement best practices and secure software development methodology (security by design, secure coding, SAST/DAST, code review, )
Ensure compliance with security policies requirements and operational risks standards (E.g. Network, Firewall, OS, Logging, Monitoring, Availability, Resiliency)
Provide recommendation, with user stories, on approach and automation related to security.
Security Operations/tooling
Integrate, configure, deploy and manage centrally provided common cloud services (e.g. IAM, networking, logging, Operating systems, Containers) as well as shared service applications on cloud (e.g. Jenkins, Nexus, GitLab Runners, Vault)
Ensure that capabilities are deployed through a continuous integration and development pipelines with security requirements satisfied at the time of deployment
Automate security controls
Engineer cloud solutions using Infrastructure As Code methods (Terraform, Ansible)
Help with the release management of new software into the production platform.
Implement and follow-up security measurements (KPIs , metrics, )
Essential Skills :
Highly motivated individual with DevOps skillset having Minimum of 3 years of focused experience on security practices or equivalent practical experience.
Work with the cloud engineering team and system engineering team to create effective CI/CD implementations, helping to configure and maintain them
Work with operational teams to ensure security tools installation/configuration/maintenance, documentation
Work in collaboration with 1st line of defence on providing assistance to assess security issues
Work inside a scrum team with DEV and QA roles.
Bring DevOps and Security mindset into the team and support the team to resolve challenges
Take care of the build, release and deployment of artefacts for the team
Strong understanding of Continuous Integration and Continuous Delivery concepts.
Strong scripting skills on ANT and/or Maven, Shell.
Strong understanding and experience of managing and working with docker containers.
Strong experience with code repositories like GIT including migration and backup.
Proficiency in working with Kubernetes, Puppet & terraform
Preferred Skills :
Understanding of Agile delivery methodology.
Good Knowledge of Python and Ansible
Good knowledge of Integrated development platform (Eclipse).
Soft Skills :
Should possess very good communication skills
Should possess very good Inter personnel skills
Should possess very good analytical skills
