DevSecOps Engineer - Cloud Infrastructure & Security

About the Role :

We are seeking a highly skilled and experienced DevSecOps Engineer to join our infrastructure and security engineering team. This role demands deep technical expertise across cloud platforms (AWS and Azure), Infrastructure-as-Code (IaC), and security-first DevOps practices. You will be responsible for designing, implementing, and maintaining secure cloud-native architectures, embedding security controls across the software development lifecycle, and ensuring compliance and governance standards.

Key Responsibilities :

Cloud Infrastructure & Security Engineering :

- Architect and implement secure infrastructure solutions in AWS and Azure environments using Terraform.

- Enforce and maintain security standards and configurations across cloud platforms, ensuring systems are compliant with enterprise policies and industry best practices.

- Implement and manage IAM guardrails to support principle of least privilege, access control enforcement, and credential lifecycle management.

DevSecOps Enablement :

- Integrate security controls and tooling across CI/CD pipelines (code scanning, image scanning, SAST/DAST, secrets management).

- Establish automated policy enforcement for infrastructure provisioning and application deployment.

- Work closely with developers and DevOps teams to embed security early in the SDLC and shift-left security practices.

Cloud Governance and Policy Management :

- Collaborate with compliance, risk, and audit teams to implement cloud security policies and frameworks aligned with industry standards (e.g., CIS benchmarks, NIST, ISO 27001).

- Implement and monitor cloud guardrails using policy-as-code and native cloud tools (AWS Config, Azure Policy, SCPs).

Tooling and Automation :

- Lead implementation and maintenance of security platforms such as Wiz, System Manager (SSM), and native security services (e.g., AWS Security Hub, Azure Defender).

- Build and manage reusable IaC modules with security baked-in, ensuring traceability and version control via Git-based workflows.

Monitoring, Detection, and Incident Response :

- Integrate security logging and monitoring across cloud workloads and infrastructure.

- Collaborate with the Security Operations Center (SOC) and Incident Response teams to analyze findings and support remediation efforts.

Required Skills and Qualifications :

- 8+ years of progressive experience in DevSecOps, cloud security, and infrastructure engineering.

- Hands-on experience with Terraform for infrastructure provisioning and management in multi-cloud environments.

- Proficient in managing and securing cloud environments in both AWS and Azure.

- Strong understanding of IAM, policy-based access controls, guardrails, and cloud governance frameworks.

- Experience working with or integrating Wiz, AWS Systems Manager, or similar security visibility tools.

- Deep knowledge of cloud-native security services and monitoring tools (e.g., AWS Config, AWS GuardDuty, Azure Security Center).

- Proven ability to write secure, reusable, and modular IaC templates and enforce version-controlled workflows.

- Familiarity with CI/CD pipelines and secure SDLC practices.

- Understanding of modern container platforms (e.g., EKS, AKS, Docker) and their security considerations is a plus.

- Strong troubleshooting and analytical skills, with the ability to identify and mitigate risks proactively.