HamburgerMenu
hirist

Artificial Intelligence

Machine Learning

NLP

Generative AI

Predictive Modeling

Query Segmentation

AI Interface

LLM

Deep Learning

MLOps

Security Architect - AI

Cloud Architect - ML/AI

Data Scientist

Data Modeling

Data Analytics & BI

Data Engineering

Backend Development

Frontend Development

Full Stack

Mobile Applications

Emerging Technologies

DevOps / SRE

CyberSecurity

Quality Assurance

Platform Engineering / SAP/Oracle

Product Management

Business Analysis and Project Management

UI & Design

Semiconductor/VLSI/EDA

Others

C G Vak Softwares & Exports - Senior DevSecOps/Security Engineer

C G Vak Softwares Exports Limited
Noida
8 - 12 Years
DevSecOpsSecurityCloud SecurityMLOpsCI/CD PipelineSASTDASTiAMNetwork SecurityThreat DetectionSIEM

Posted on: 04/12/2025

Job Description

Description :

We are hiring a Senior DevSecOps / Security Engineer with 8+ years of experience securing AWS cloud, on-prem infrastructure, DevOps platforms, MLOps environments, CI/CD pipelines, container orchestration, and data/ML platforms. This role is responsible for creating and maintaining a unified security posture across all systems used by DevOps and MLOps teams including AWS, Kubernetes, EMR, MWAA, Spark, Docker, GitOps, observability tools, and network infrastructure.

Key Responsibilities :

Cloud Security (AWS) :


- Secure all AWS resources consumed by DevOps/MLOps/Data Science : EC2, EKS, ECS, EMR, MWAA, S3, RDS, Redshift, Lambda, CloudFront, Glue, Athena, Kinesis, Transit Gateway, VPC Peering.

- Implement IAM least privilege, SCPs, KMS, Secrets Manager, SSO & identity governance.

- Configure AWS-native security : WAF, Shield, GuardDuty, Inspector, Macie, CloudTrail, Config, Security Hub.

- Harden VPC architecture, subnets, routing, SG/NACLs, multi-account environments.

- Ensure encryption of data at rest/in transit across all cloud services.

Infrastructure as Code & Automation Security :

- Secure Terraform, CloudFormation, Ansible with policy-as-code (OPA, Checkov, tfsec).

- Enforce misconfiguration scanning and automated remediation.

CI/CD Security :

- Secure Jenkins, GitHub, GitLab pipelines with SAST, DAST, SCA, secrets scanning, image scanning.

- Implement secure build, artifact signing, and deployment workflows.

- Harden Docker images, private registries, runtime policies.

- Enforce EKS security : RBAC, IRSA, PSP/PSS, network policies, runtime monitoring.

- Apply CIS Benchmarks for Kubernetes and Linux.

Monitoring & Reliability :

- Secure observability stack : Grafana, CloudWatch, logging, alerting, anomaly detection.

- Ensure audit logging across cloud/platform layers.

- MLOps Security (Airflow, EMR, Spark, Data Platforms, ML Pipelines)

Pipeline & Workflow Security :

- Secure Airflow/MWAA connections, secrets, DAGs, execution environments.

- Harden EMR, Spark jobs, Glue jobs, IAM roles, S3 buckets, encryption, and access policies.

ML Platform Security :

- Secure Jupyter/JupyterHub environments, containerized ML workspaces, and experiment tracking systems.

- Control model access, artifact protection, model registry security, and ML metadata integrity.

Data Security :

- Secure ETL/ML data flows across S3, Redshift, RDS, Glue, Kinesis.

- Enforce data versioning security, lineage tracking, PII protection, and access governance.

ML Observability :

- Implement drift detection (data drift/model drift), feature monitoring, audit logging.

- Integrate ML monitoring with Grafana/Prometheus/CloudWatch.

Network & Endpoint Security :


- Manage firewall policies, VPN, IDS/IPS, endpoint protection, secure LAN/WAN, Zero Trust principles.

- Conduct vulnerability assessments, penetration test coordination, and network segmentation.

- Secure remote workforce connectivity and internal office networks.

Threat Detection, Incident Response & Compliance :


- Centralize log management (CloudWatch, OpenSearch/ELK, SIEM).

- Build security alerts, automated threat detection, and incident workflows.

- Lead incident containment, forensics, RCA, and remediation.

- Ensure compliance with ISO 27001, SOC 2, GDPR, HIPAA (as applicable).

- Maintain security policies, procedures, RRPs (Runbooks), and audits.

Ideal Candidate :

- 8+ years in DevSecOps, Cloud Security, Platform Security, or equivalent.

- Proven ability securing AWS cloud ecosystems (IAM, EKS, EMR, MWAA, VPC, WAF, GuardDuty, KMS, Inspector, Macie).

- Strong hands-on experience with Docker, Kubernetes (EKS), CI/CD tools, and Infrastructure-as-Code.

- Experience securing ML platforms, data pipelines, and MLOps systems (Airflow/MWAA, Spark/EMR).

- Strong Linux security (CIS hardening, auditing, intrusion detection).

- Proficiency in Python, Bash, and automation/scripting.

- Excellent knowledge of SIEM, observability, threat detection, monitoring systems.

- Understanding of microservices, API security, serverless security.

- Strong understanding of vulnerability management, penetration testing practices, and remediation plans.

Education :


- Masters degree in Cybersecurity, Computer Science, Information Technology, or related field.

- Relevant certifications (AWS Security Specialty, CISSP, CEH, CKA/CKS) are a plus.

Perks, Benefits and Work Culture :

- Competitive Salary Package

- Generous Leave Policy

- Flexible Working Hours

- Performance-Based Bonuses

- Health Care Benefits


info-icon

Did you find something suspicious?

Posted By

Karthick

Talent Acquistion at C G Vak Softwares Exports Limited

Last Active: 5 Dec 2025

Job Views:  
4
Applications:  1
Recruiter Actions:  0

Posted in

CyberSecurity

Functional Area

IT Security

Job Code

1584718

Jobs by location

Interview Questions for you

View All
Blog for regisnation

How to Write Leave Application for Urgent Work: Format & Samples (2025)

Blog for regisnation

Top 90+ Machine Learning Interview Questions and Answers

Blog for regisnation

Top 40+ Deep Learning Interview Questions and Answers