Description :

We are looking for a Senior DevSecOps Engineer who will lead our cybersecurity, infrastructure automation, and DevSecOps practices as we transition into a secure, scalable, and modern engineering environment. This role is responsible for strengthening 2Bases security posture, modernizing our pipelines, and guiding the team towards a secure-by-design culture. You will work closely with engineering, product, and leadership teams to ensure that our systems, applications, and cloud environments are secure, reliable, and future-ready.

Key Responsibilities :

- Define, implement, and enforce security standards, policies, and best practices across cloud and on-prem environments.

- Conduct security risk assessments, perform vulnerability scans, coordinate penetration testing activities, and execute mitigation plans.

- Architect, maintain, and enhance secure CI/CD pipelines with automated compliance and governance checkpoints.

- Promote and uphold a strong Security First culture across engineering, ensuring secure design and development practices.

- Continuously monitor, detect, investigate, and respond to security threats, incidents, breaches, and anomalies.

- Develop, own, and mature Infrastructure-as-Code practices using Terraform, Ansible, and other automation frameworks.

- Design and lead secure cloud architectures across AWS, Azure, or GCP to support scalable and compliant deployments.

- Build, operate, and secure containerized environments using Docker and Kubernetes with enforced security baselines.

- Implement and maintain secure monitoring, logging, SIEM, and alerting systems for infrastructure and application layers.

- Improve and optimize system reliability, scalability, performance, and fault tolerance across all critical workloads.

- Mentor, guide, and upskill DevOps engineers in secure development, automation, and operational excellence.

- Lead technical strategy, decision-making, tool selection, process improvements, and DevSecOps roadmap execution.

- Collaborate closely with BA, PM, and Engineering teams to ensure security, performance, and delivery objectives align with organizational goals.

Required Skills & Experience :

- 4 to 8 years of experience in DevOps, Cloud, or Infrastructure engineering with strong security exposure.

- Hands-on experience with CI/CD tools such as Jenkins, GitLab CI, or GitHub Actions.

- Strong expertise in AWS, Azure, or GCP cloud platforms with a focus on secure architecture.

- Proficiency in Infrastructure-as-Code using Terraform, Ansible, or similar tools.

- Experience securing and managing Docker and Kubernetes environments.

- Strong understanding of networking technologies : LAN/WAN, firewalls, VPN, load balancers.

- Knowledge of security frameworks and standards (OWASP, NIST, CIS Benchmarks).

- Experience with monitoring and logging tools (Prometheus, Grafana, ELK, CloudWatch, SIEM solutions).

- Strong scripting skills (Python, Bash, Shell).

- Excellent troubleshooting, analytical, and problem-solving skills.

- Strong communication and collaboration skills with the ability to influence engineering teams.

Preferred Qualifications (Good to Have) :

- Diploma / Degree / B.Tech in IT, CS, MCA

- Experience in SOC operations or exposure to SIEM and SOAR tools.

- Relevant certifications such as :

1. AWS Security/DevOps Engineer Professional

2. Certified Kubernetes Security Specialist (CKS)

3. CEH, CompTIA Security+, or equivalent.