Cloud DevSecOps Engineer
persistent
Job Description
- Integrate and automate security controls (SAST, DAST, SCA, secrets, IaC scanning) across cloud-native CI/CD pipelines.
- Implement secure cloud infrastructure using Infrastructure-as-Code and policy-as-code.
- Harden containers, Kubernetes, and serverless workloads with security best practices.
- Build guardrails, automated compliance, and continuous posture monitoring in the cloud.
- Partner with development and platform teams to enable secure-by-default delivery.
- Triage findings, drive remediation, and continuously improve DevSecOps maturity.
Expertise You'll Bring:
- Between 8 to 12 years of experience in cloud security and DevSecOps.
- Hands-on DevSecOps experience in cloud environments (AWS, Azure, or GCP).
- Strong skills with IaC (Terraform), containers (Docker/Kubernetes), and their security.
- Experience integrating SAST/DAST/SCA and secrets management into CI/CD.
- Proficiency in scripting/automation (Python, Bash) and Git-based workflows.
- Knowledge of cloud security services, CSPM, and compliance frameworks.
- Certifications such as CKS, AWS/Azure/GCP Security, or equivalent are a plus.