DevSecOps Engineer - On-Premises Infrastructure (4-7 yrs)

Qualifications and Skills :

- Graduation (with relevant IT certification)

- Proven experience as an DevOps/Cloud Engineer with a proper hold on security concepts

- In-depth knowledge of Cloud (AWS) environment, security architectures, and related best practices.

- Hands-on experience with AWS Services like EC2, S3, RDS, Firewalls, intrusion detection/prevention systems i.e., IDS/IPS, VPN, and other security tools.

- Strong analytical and problem-solving skills

- Excellent communication and interpersonal abilities

Position Overview :

As a DevSecOps Engineer, you will play a crucial role in ensuring the integrity, confidentiality, and availability of our organization's cloud and on-prem infrastructure. This position involves designing, implementing, and maintaining robust solutions over cloud while proactively identifying and mitigating potential security threats. You will work closely with cross-functional teams to enhance our overall application performance, the organisation is fully-compliant and all the sensitive information/systems are well positioned for the growth.

Key Responsibilities :

- Exposure in cloud security to design, implement, and maintain automated infrastructure deployments on cloud platforms (AWS)

- To set up secure cloud environments using services like EC2, VPC, S3, RDS etc in scalable architectural patterns.

- Can Implement and maintain cloud security best practices, including server hardening, vulnerability scanning, and patch management

- Prior experience setting up CI/CD pipelines and have knowledge of a CSPM (Cloud Security Posture Mgmt) tools like AWS Security Hub/ SentinelOne/PrismaCloud or similar tool

- Hands-on experience in handling and understanding Windows & Linux platforms

- To work on remediating observations identified in security audits and vulnerability assessments.

- Collaborate with teams to enforce security policies and ensure compliance with regulatory requirements of SEBI, NSE, BSE and CDSL

- Should have sound knowledge of change, incident & problem management and also proactively involve in optimising existing processes.

Good To Have :

- Assist in conducting Cyber Audit, System Audit, Patching of critical applications & timely completion of VAPT (Internal+ External)

- Monitor network performance and ensure optimal operation through regular assessments.

- Identify and resolve issues affecting network connectivity, latency, and bandwidth.

- Have knowledge of mock BCP/DR for critical applications.

- Hands-on experience in PAM solutions, Trading applications will be an added advantage

- Configure and troubleshoot routers, switches, firewalls, and other network devices.

- Contribute to the definition of procedures & Processes necessary for the scope of work.

- Review necessary health check and monitoring reports and act appropriately.

- Work closely with IT teams and other departments to integrate security measures into all aspects of the network.