DevSecOps Engineer

Nextjob
Full-timeColombo, Sri Lanka

The Hiring Company

A trusted Digital Engineering and Enterprise Modernization partner, combining deep technical expertise and industry experience to advance innovations in Digital Transformation and Software Product Engineering offering a wide range of battle-tested solutions, creating a unique competitive advantage to see beyond and rise above.

We work with many industry leading organizations across 18 countries - including 14 of the 30 most innovative US companies, 80% of the largest banks in the US and India, and numerous innovators across the healthcare ecosystem. In addition, we are recognized across the industry as market leaders in delivery and customer excellence, as rated by ISG (2020 and 2021 ISG Star of Excellence Awards).

The company is experiencing tremendous growth, with $701.1 million in trailing 12-month revenue, representing 29.8% year-over-year growth. Along with that growth, they onboarded over 4,500 new employees recently, bringing the total employee count to over 16,500 located in 18 countries across the globe.

The Role

We are seeking a skilled DevSecOps Engineer to join our team. This role is essential to integrating security practices into the DevOps process, ensuring that our software development pipeline is secure from end to end. As a DevSecOps Engineer, you will work closely with development, operations, and security teams to implement automated security practices and monitor security protocols, driving best practices for secure software development and deployment.

Responsibilities

  • Collaborate with DevOps and development teams to integrate security practices into CI/CD pipelines, embedding security into every phase of the development lifecycle.
  • Implement and manage security tools for static code analysis, vulnerability scanning, container security, and runtime application self-protection (RASP).
  • Develop monitoring and logging solutions to detect security incidents early. Respond to security incidents, ensuring proper analysis, documentation, and resolution.
  • Manage and secure configuration files, ensuring best practices for secrets management, identity and access management (IAM), and role-based access control (RBAC).
  • Maintain compliance with security standards (e.g., GDPR, SOC2) and conduct regular risk assessments and vulnerability analyses. Provide guidance on mitigating identified risks.
  • Educate development teams on security best practices, contributing to a security-focused company culture.
  • Identify areas for process automation and enhancement, improving the efficiency and security of the software development lifecycle.

Requirements

  • Experience with AWS Cloud & services like EC2, Lambda, Fargate, SQS, ALB, RDS, Secret Manager, ACM, Cloud Front, API Gateway, Autoscaling
  • Experience with SNS, WAF, CloudWatch & CloudTrail
  • Experience with Cloud Formation or Terraform
  • Experience with CI/CD Pipeline using Jenkins or AWS Code Pipeline & Shell scripting
  • Experience with Containerization technologies like Kubernetes, Docker and Helm charts
  • Experience with Cloud monitoring tools
  • Familiar with Cloud Security and related services like security hub, inspector
  • Good knowledge in deployment of microservices on cloud is preferred.
  • Hands-on working experience with Git based repository and Linux.

Benefits

  • Competitive salary and benefits package 💰
  • Flexible work arrangements (remote or hybrid) 🏡
  • Opportunities for continuous learning and professional development 📚
  • Collaborative and supportive work culture 🤝
  • The chance to work on impactful, large-scale projects 🌍

Apply for this job

Resume/CV*

Click or drag file to this area to upload your Resume

Please make sure to upload a PDF

First Name*
Last Name*
Email*
Phone Number*