Company Overview :

StatusNeo Technology Consulting Pvt. Ltd. is a rapidly growing technology consulting firm specializing in providing cutting-edge DevOps and Cloud solutions to enterprises across various industries. We empower our clients to accelerate their digital transformation journeys by leveraging the latest technologies and best practices. Our expertise spans across cloud platforms like AWS, Azure, and GCP, enabling us to deliver scalable, secure, and cost-effective solutions. We pride ourselves on our collaborative and innovative culture, fostering an environment where our employees can thrive and make a significant impact.

Role Overview :

As a DevSecOps Engineer at StatusNeo, you will be instrumental in integrating security practices into our DevOps pipelines, ensuring the secure and efficient delivery of software applications. You will collaborate closely with development, operations, and security teams to automate security controls, conduct vulnerability assessments, and implement security best practices throughout the software development lifecycle. Your work will directly contribute to enhancing the security posture of our clients' applications and infrastructure, mitigating risks, and ensuring compliance with industry standards.

Key Responsibilities :

- Design and implement security automation solutions within CI/CD pipelines using tools like ArgoCD, enhancing the speed and reliability of secure software releases.

- Conduct vulnerability assessments and penetration testing on applications and infrastructure, identifying and remediating security weaknesses for clients.

- Develop and maintain security policies, standards, and procedures, ensuring adherence to industry best practices and regulatory requirements.

- Implement and manage SAST/DAST tools to identify security vulnerabilities early in the development lifecycle, reducing the cost and effort of remediation.

- Automate security controls and compliance checks in cloud environments (AWS), ensuring continuous monitoring and enforcement of security policies.

- Collaborate with development and operations teams to integrate security into the software development lifecycle, fostering a culture of security awareness and shared responsibility.

- Manage and secure containerized applications using Kubernetes, implementing security best practices for container orchestration and management.

- Develop and maintain infrastructure-as-code (IaC) templates with security baked in, ensuring consistent and secure deployments across environments.

Required Skillset :

- Demonstrated ability to design, implement, and manage secure CI/CD pipelines using tools like Jenkins, GitLab CI.

- Proven expertise in conducting vulnerability assessments and penetration testing, with a strong understanding of common security vulnerabilities and attack vectors.

- Strong scripting skills (e.g., Python, Bash) for automating security tasks and integrating security tools into DevOps workflows.

- In-depth knowledge of cloud security best practices and experience securing AWS environments.

- Hands-on experience with containerization technologies (e.g., Docker) and container orchestration platforms (e.g., Kubernetes).

- Excellent communication and collaboration skills, with the ability to effectively communicate security risks and recommendations to technical and non-technical audiences.

- Bachelor's degree in Computer Science, Information Security, or a related field.

- Ability to work independently and as part of a team in a fast-paced, dynamic environment, adapting to changing priorities and requirements.

- 4- 8 years of relevant experience in DevSecOps or a related role.