Posted on: 15/09/2025
Company Description :
Role Overview :
We are seeking a motivated Vulnerability Remediation & DevSecOps Engineer to join our security team. The ideal candidate will have hands-on experience with vulnerability management, secure coding, container security, and CI/CD pipeline integration. This role requires strong collaboration with development and DevOps teams to ensure timely remediation of vulnerabilities and adoption of secure development practices.
Key Responsibilities :
Vulnerability Triage & Risk Assessment :
- Review and analyse vulnerability findings from tools (e.g., Snyk, Trivy, Aqua, Qualys).
- Prioritize vulnerabilities based on severity, exploitability, and business impact.
- Maintain a backlog of security issues and actively track remediation progress.
Code-Based Remediation Support :
- Partner with developers to remediate vulnerabilities across multiple languages including TypeScript, Python, JavaScript, Java, Ruby, Go, HCL, Shell, and SQL variants.
- Provide secure coding guidance and implement secure development patterns.
- Assist in refactoring insecure legacy code.
Container Security & Infrastructure Hardening :
- Remediate vulnerabilities in Docker images, base OS layers, and Kubernetes (AKS) configurations.
- Harden CI/CD pipelines and container orchestration using IaC (Terraform, HCL).
- Manage and maintain secure container images in registries.
Pipeline Integration & Automation :
- Integrate security tools into CI/CD workflows (e.g., GitHub Actions, Azure DevOps).
- Automate remediation suggestions and enforce policy gates for critical vulnerabilities.
- Write scripts and automation in Shell, Python, and Go for security enforcement.
Cross-Team Collaboration :
- Act as a bridge between development, security, and DevOps teams.
- Host working sessions and knowledge transfers on remediation strategies and DevSecOps best practices.
- Drive secure SDLC adoption across engineering teams.
Documentation & Reporting :
- Maintain clear documentation on remediation strategies, architecture decisions, and tool configurations.
- Provide metrics and reports to leadership on vulnerability trends and remediation velocity.
Qualifications & Skills :
- 1 - 3 years of hands-on experience in vulnerability management, remediation, or DevSecOps.
- Familiarity with vulnerability scanning tools (Snyk, Trivy, Aqua, Qualys, etc.).
- Experience with multiple programming languages (TypeScript, Python, JavaScript, Java, Ruby, Go, SQL, Shell scripting).
- Knowledge of container security, Kubernetes (AKS preferred), and IaC (Terraform, HCL).
- Experience with CI/CD platforms (GitHub Actions, Azure DevOps).
- Strong understanding of secure coding practices and secure SDLC.
- Excellent problem-solving, communication, and collaboration skills.
Posted By: Riya Arora, Senior HR Associate at Avisoft
Posted in: DevOps / SRE
Functional Area: IT Security
Job Code: 1546752