DevSecOps Engineer/Senior DevSecOps Engineer

Description :

Job Title : DevSecOps Engineer / Sr. DevSecOps Engineer

Location : Delhi (Client Site - Onsite)

Employment Type : Payroll

Positions Open : 2

Experience Required :

3-5 Years (10-12 LPA)

5-7 Years (18-20 LPA)

Compensation Range : 12 - 26 LPA (based on experience)

Duration : Long-term

Work Locations : Delhi Division, Karnataka, Pune (as applicable)

Job Overview :

We are seeking a skilled DevSecOps Engineer to integrate security practices within the DevOps lifecycle. This role focuses on building secure, scalable, and automated infrastructure and CI/CD pipelines while collaborating closely with development, operations, and security teams. The ideal candidate will champion security-first practices and ensure compliance without compromising delivery speed.

Key Responsibilities :

Collaboration & Advocacy :

- Work closely with Dev, Ops, and Security teams to embed DevSecOps principles.

- Promote a culture of security awareness across teams.

CI/CD Pipeline Development :

- Design and maintain secure CI/CD pipelines using Jenkins, GitLab, and SonarQube.

- Automate software delivery lifecycle processes.

Infrastructure as Code (IaC) :

- Manage configurations using Ansible.

- Provision infrastructure using Terraform.

Containerization & Orchestration :

- Deploy and manage containerized applications using Docker and Kubernetes.

- Ensure scalability and high availability.

Vulnerability Management :

- Implement and manage tools like Clair, Trivy, OWASP Dependency Check, and OWASP ZAP.

- Identify and remediate vulnerabilities early in development.

Secrets Management :

- Secure sensitive information using GitSecrets and TruffleHog.

Security Monitoring & Compliance :

- Use SonarQube for continuous code quality and compliance checks.

Automation :

- Develop scripts and workflows to integrate security tools seamlessly into DevOps pipelines.

Microservices Management :

- Manage Python-based microservices across multiple repositories.

- Deploy and monitor services on Kubernetes.

Data & Artifact Management :

- Configure and secure Apache Kafka clusters.

- Manage Redis databases.

- Handle artifact repositories via Sonatype Nexus.

Security Testing :

- Perform vulnerability assessments using tools like Burp Suite.

Required Qualifications :

- Bachelors degree in Computer Science, Engineering, or related field.

- Minimum 3+ years of experience in DevOps/DevSecOps.

- Strong experience with Kubernetes and Docker.

Mandatory Skills :

- DevOps & DevSecOps (3+ years)

- Kubernetes (3+ years)

- Linux (3+ years)

- Jenkins / GitLab CI/CD (2+ years)

- Ansible (2+ years)

- Git (2+ years)

- Apache Kafka (1+ year)

- Security Tools : SonarQube, OWASP, Clair, Trivy

- Secrets Management : GitSecrets, TruffleHog

- Automation & scripting experience

Good to Have :

- Experience in offline/on-prem DevSecOps setup

- Knowledge of Helm and Zot

Soft Skills :

- Strong communication and collaboration skills

- Ability to work in cross-functional teams

- Problem-solving mindset with attention to detail