Company Overview :

MERNPLUS is a rapidly growing technology company specializing in building and deploying cutting-edge web applications using the MERN (MongoDB, Express.js, React, Node.js) stack. We empower businesses across various industries with scalable, secure, and high-performance solutions. Our commitment to innovation and client satisfaction has established us as a trusted partner for organizations seeking to leverage the power of modern web technologies.

Role Overview :

As a DevSecOps Engineer at MERNPLUS, you will be instrumental in embedding security practices throughout our software development lifecycle.

You will collaborate closely with development, operations, and security teams to automate security controls, build secure infrastructure, and ensure the continuous security of our applications and cloud environments.

Your work will directly contribute to protecting our client's data and maintaining the integrity of our services, ensuring a secure and reliable experience for our users.

Key Responsibilities :

- Design and implement secure CI/CD pipelines, integrating security tools and automated security checks to proactively identify and address vulnerabilities.

- Develop and maintain Infrastructure as Code (IaC) using tools like Terraform or CloudFormation, ensuring secure configurations and compliance with security policies.

- Automate security tasks such as vulnerability scanning, penetration testing, and compliance monitoring to improve efficiency and reduce manual effort.

- Configure and manage security tools and technologies, including firewalls, intrusion detection/prevention systems, and security information and event management (SIEM) systems, to protect our cloud infrastructure.

- Conduct security assessments and penetration testing of applications and infrastructure to identify and remediate security weaknesses.

- Collaborate with development teams to provide security guidance and training, promoting a security-conscious culture throughout the organization.

- Monitor and respond to security incidents, conducting thorough investigations and implementing effective remediation measures to minimize impact.

- Develop and maintain security documentation, including security policies, procedures, and standards, to ensure consistent security practices across the organization.

- Ensure compliance with relevant security standards and regulations, such as SOC 2, GDPR, and HIPAA, to maintain customer trust and avoid legal liabilities.

Required Skillset :

- Proven ability to design, implement, and manage secure cloud infrastructure on AWS.

- Demonstrated expertise in DevOps principles and practices, including CI/CD, automation, and Infrastructure as Code.

- Strong scripting and automation skills using languages such as Python, Bash, or PowerShell.

- Deep understanding of security principles, including authentication, authorization, cryptography, and network security.

- Experience with containerization technologies such as Docker and orchestration platforms like Kubernetes.

- Proficiency in configuration management tools such as Ansible, Chef, or Puppet.

- Excellent communication, collaboration, and problem-solving skills.

- Bachelor's degree in Computer Science, Information Security, or a related field.

- Ability to work effectively in a fast-paced, dynamic environment in Noida.