DevSecOps Engineer

checkmarx

pune 3 Years Exp Posted 4d ago

Job Description

  • Design, implement, and automate secure, scalable infrastructure for Checkmarx One™ environments, ensuring scale, high availability and compliance with FedRAMP requirements.
  • Develop and maintain CI/CD pipelines with a focus on secure software supply chain practices (e.g., SBOMs, signing, verification).
  • Harden Kubernetes-based deployments by building and enforcing security controls using Kubernetes Operator Framework, Network Policies, and Pod Security Standards.
  • Integrate and manage observability and security monitoring tools, such as Fluent Bit, ELK, Grafana, Prometheus, and cloud-native security tooling (e.g., AWS GuardDuty, Inspector).
  • Collaborate with application security, product engineering, and compliance teams to define and enforce DevSecOps best practices.
  • Conduct threat modeling and risk assessments of infrastructure changes and implement remediation strategies as needed.
  • Lead the adoption of secure-by-default templates infrastructure-as-code (AWS CDK, Terraform, etc.) reusable automation.
  • Assist in evidence collection and environment preparation for FedRAMP audits and continuous monitoring.

 

Requirements

 

Requirements

  • 3-5 years of experience as a DevOps, Site Reliability, or Platform Engineer with a strong focus on security (DevSecOps).
  • In-depth experience securing production environments on AWS (or other major clouds) using least privilege, identity federation, VPC security, etc.
  • Proven expertise with Kubernetes and the Operator Framework, including workload security hardening, admission controllers, and custom operators.
  • Strong knowledge of CI/CD and infrastructure-as-code tools such as Jenkins, GitHub Actions, CircleCI, AWS CDK, or Terraform.
  • Experience building and managing secure containerized environments using Docker, Helm, and Argo CD.
  • Proficiency in at least one programming or scripting language (Python, Bash, or Go) with emphasis on automation and secure coding.
  • Familiarity with compliance frameworks such as FedRAMP, SOC 2, or ISO 27001, and how they apply to cloud-native architectures.
  • Experience integrating security observability and logging systems (e.g., Fluent Bit, ELK, Prometheus, AWS CloudTrail).
    • Strong analytical and problem-solving skills with a security-first mindset.

Similar Openings for You