Resident Engineer-DevsecOps/Cybersecurity

Job Summary:

The Resident Engineer for application security and DevSecOps brings expertise in implementing and managing security solutions to support organizational initiatives. The role involves the installation, configuration, maintenance, and administration of advanced security tools to safeguard applications and infrastructure. The engineer collaborates with development teams to integrate security into the application lifecycle, ensuring secure deployment practices and adherence to security standards. They provide technical guidance, resolve security-related issues, and perform regular assessments to identify and mitigate vulnerabilities. With a focus on automation and efficiency, the engineer supports the organization's transition to a robust DevSecOps culture while maintaining compliance with industry best practices.

Job Purpose:

The Resident Engineer for application security and DevSecOps brings expertise in implementing and managing security solutions to support organizational initiatives. The role involves the installation, configuration, maintenance, and administration of advanced security tools to safeguard applications and infrastructure. The engineer collaborates with development teams to integrate security into the application lifecycle, ensuring secure deployment practices and adherence to security standards. They provide technical guidance, resolve security-related issues, and perform regular assessments to identify and mitigate vulnerabilities. With a focus on automation and efficiency, the engineer supports the organization's transition to a robust DevSecOps culture while maintaining compliance with industry best practices.

Job Responsibilities:

• Administrative / Co-Ordination - Assist in onboarding legacy and modern applications onto security platforms. Guide teams in deploying applications across development, staging, and production environments. Work with teams using ticketing tools for tracking and resolving tasks.
• Execution / Implementation - Install, configure, and maintain security solutions in physical or virtual environments. Apply updates, patches, and upgrades to ensure system performance and security. Integrate application security tools with CI/CD pipelines. Manage and monitor security solutions to ensure smooth operations. Address performance, operational, or security-related issues. Assist teams in resolving vulnerabilities, including OSS, VAPT, SAST, DAST, and other security assessments. Troubleshoot and provide guidance on using security tools effectively. Support the implementation of security tools to achieve project objectives.
• People Related - Conduct periodic sessions to help teams resolve issues and improve security practices. Provide hands-on training for teams using DevSecOps platforms. Respond to troubleshooting requests and provide practical solutions.
• Strategic - Contribute to process improvements and resolve related technical challenges.

Skills:

FUNCTIONAL - 1.Understanding of DevSecOps practices and CI/CD pipeline integration. 2.Experience with application security solutions (SAST, DAST, SCA) and vulnerability management. 3.Knowledge in GRC fundamentals & any of the GRC tools.

SOFT SKILLS / BEHAVIOURAL COMPETENCIES - 1.Ability to troubleshoot performance and security issues effectively.

TECHNICAL KNOW / HOW - 1.Experience in open-source security tools and technologies. 2.Detailed expertise in application security solutions (SAST, DAST, SCA) and vulnerability management.