DevSecOps Engineer - VAPT/SAST/DAST

DevSecOps Engineer

Location : Chennai, India

Experience : 3 to 4 Years

Employment Type : Full-time

Job Summary :

We're looking for a skilled and proactive DevSecOps Engineer with 34 years of experience to help us embed security into every stage of the software development lifecycle. The ideal candidate will have a strong background in DevOps, AWS, GitHub Actions, scripting, Infrastructure as Code (Terraform), and application security testing (VAPT, SAST, DAST). You'll be crucial in automating security practices and enhancing our overall security posture.

Key Responsibilities :

- Integrate security practices into every stage of the Software Development Lifecycle (SDLC).

- Design, implement, and maintain CI/CD pipelines with security automation using tools like GitHub Actions.

- Administer and optimize infrastructure on AWS, ensuring secure and efficient cloud operations.

- Develop and maintain Infrastructure as Code (IaC) using Terraform to provision and manage secure cloud environments.

- Implement and manage application security testing tools, including Vulnerability Assessment and Penetration Testing (VAPT), Static Application Security Testing (SAST), and Dynamic Application Security Testing (DAST).

- Develop automation scripts using various scripting languages to streamline security processes and tasks.

- Monitor security vulnerabilities, perform risk assessments, and drive remediation efforts.

- Collaborate with development, operations, and security teams to promote a security-first culture.

- Ensure compliance with security policies, standards, and regulations.

Requirements :

- 3 to 4 years of experience as a DevSecOps Engineer or in a similar role focusing on security automation.

- Strong background in DevOps practices.

- Hands-on experience with AWS cloud services.

- Proficiency in setting up and managing CI/CD pipelines using GitHub Actions.

- Strong scripting skills (Python, Bash, PowerShell).

- Experience with Infrastructure as Code (IaC) tools, specifically Terraform.

- Practical experience with application security testing methodologies and tools, including VAPT, SAST, and DAST.

- Solid understanding of networking, operating systems, and cybersecurity principles.

- Excellent problem-solving skills and attention to detail.

- Strong communication and collaboration abilities.

Preferred Qualifications :

- Certifications in AWS or security (Security+, AWS Certified Security Specialty).

- Experience with other CI/CD tools (Jenkins, GitLab CI).

- Knowledge of container security (Docker, Kubernetes security).

- Familiarity with compliance frameworks (ISO 27001, NIST).