SecDevOps Engineer

moneymul

Noida 2 Years Exp Posted 38d ago

Job Description

  • Secure CI/CD Implementation: Design and maintain CI/CD pipelines, integrating automated security testing tools (SAST, DAST, SCA) directly into the build process (e.g., SonarQube, OWASP ZAP).

  • Infrastructure Security: Manage Infrastructure as Code (IaC) using Terraform or Ansible with a focus on security compliance and hardening (e.g., ensuring encrypted storage, least privilege access).

  • Vulnerability Management: Proactively monitor, scan, and patch infrastructure and applications for vulnerabilities (CVEs); collaborate with developers to remediate code-level security issues.

  • Identity & Access Management (IAM): Configure and audit cloud access policies (AWS/Azure/GCP) to enforce the Principle of Least Privilege.

  • Container Security: Secure containerized environments (Docker/Kubernetes) by implementing image scanning and runtime security policies.

  • Incident Response: Participate in security incident response activities and root cause analysis for security breaches or anomalies.

  • Compliance & Audit: Ensure infrastructure and deployments comply with security standards (ISO 27001, SOC2, or GDPR) and assist in technical audits.

 

Similar Openings for You