Key Responsibilities :

- Design and implement secure CI/CD pipelines that automate security testing and vulnerability assessments for all software releases.

- Develop and maintain security automation tools and scripts to proactively identify and remediate security vulnerabilities across the infrastructure.

- Collaborate with development teams to integrate security best practices into the software development lifecycle, including threat modeling and secure code reviews.

- Conduct regular security audits and penetration testing to identify and address security weaknesses in applications and infrastructure.

- Monitor security alerts and incidents, and respond effectively to mitigate potential threats and breaches.

- Develop and maintain security documentation, including security policies, procedures, and standards.

- Provide security training and guidance to development and operations teams to promote a security-conscious culture.

Required Skillset :

- Demonstrated ability to design, implement, and manage secure CI/CD pipelines using tools like Jenkins, GitLab CI, or Azure DevOps.

- Proven expertise in security automation using scripting languages such as Python, Bash, or PowerShell.

- Strong understanding of cloud security principles and best practices, particularly within AWS, Azure, or GCP environments.

- Experience with security scanning tools such as SonarQube, Fortify, or Checkmarx.

- Ability to effectively communicate security risks and mitigation strategies to both technical and non-technical audiences.

- Bachelor's degree in Computer Science, Information Security, or a related field.

- Demonstrated ability to work effectively in a remote or hybrid work environment, collaborating with distributed teams.

- 5 to 8 years of experience in a DevSecOps or related role.