Senior Infrastructure Security & Compliance Engineer

Role : Senior Infrastructure Security & Compliance Engineer.

Experience : 8-12y.

Work Location : Bangalore.

Payroll on : People Prime World Wide.

Notice : 0-15days.

Job Description :

Senior Infrastructure Security & Compliance Engineer (Zero-Touch GPU Cloud GitOps-Driven Compliance & Resilience).

We are seeking a Senior Infrastructure Security & Compliance Engineer with 10+ years of experience in infrastructure and platform automation to drive the Zero-Touch Build, Upgrade, and Certification pipeline for our on-prem GPU cloud environment.

This role is focused on integrating security scanning, policy enforcement, compliance validation, and backup automation into a fully GitOps-managed GPU cloud stack, spanning hardware ? OS ? Kubernetes ? platform layers.

Key Responsibilities :

- Design and implement GitOps-native workflows to automate security, compliance, and backup validation as part of the GPU cloud lifecycle.

- Integrate Trivy into CI/CD pipelines for container and system image vulnerability scanning.

- Automate kube-bench execution and remediation workflows to enforce Kubernetes security benchmarks (CIS/STIG).

- Define and enforce policy-as-code using OPA/Gatekeeper to validate cluster and workload configurations.

- Deploy and manage Velero to automate backup and disaster recovery operations for Kubernetes workloads.

- Ensure that all compliance, scanning, and backup logic is declarative and auditable through Git-backed repositories.

- Collaborate with infrastructure, platform, and security teams to define security baselines, enforce drift detection, and integrate automated guardrails.

- Drive remediation automation and post-validation gates across build, upgrade, and certification pipelines.

- Monitor evolving security threats and ensure tooling is regularly updated to detect vulnerabilities, misconfigurations, and compliance drift.

Required Skills & Experience :

- 10+ years of hands-on experience in infrastructure, platform automation, and systems security.

- Primary key skills required are Python/Go/Bash scripting, OPA Rego policy writing, CI integration for Trivy & kube-bench, GitOps.

- Strong knowledge and practical experience with :

- Trivy for container, filesystem, and configuration scanning.

- kube-bench for Kubernetes CIS benchmark compliance.

- Velero for Kubernetes-native backup and disaster recovery.

- OPA/Gatekeeper for policy-as-code and admission control.

- Deep understanding of GitOps workflows (e.g., Argo CD, Flux) and how to integrate security tools declaratively.

- Proven experience automating security, compliance, and backup validation in CI/CD pipelines.

- Solid foundation in Kubernetes internals, RBAC, pod security, and multi-tenant best practices.

- Familiarity with vulnerability management lifecycles and security risk remediation strategies.

- Experience with Linux systems administration, OS hardening, and secure bootstrapping.

- Proficiency in scripting languages such as Python, Go, or Bash for automation and tooling integration.

Bonus :

- Experience with SBOMs, image signing, or container supply chain security.

- Exposure to regulated environments (e.g., PCI-DSS, HIPAA, FedRAMP).

- Contributions to open-source security/compliance projects.