DevSecOps Lead - Docker/Kubernetes (8-12 yrs)

Role : DevSecOps Lead

A DevSecOps Engineer integrates security into the DevOps process, ensuring security is a core part of the software development lifecycle. They bridge the gap between developers, operations, and security teams, promoting a shared responsibility for security at every stage of development. This approach leads to more secure software and infrastructure, reducing security risks and improving the organisation's overall security.

Key Responsibilities :

Security Integration :

- Building security practices directly into the development lifecycle. Configure and maintain cloud infrastructure (AWS, Azure, GCP) according to industry security standards.

Automation :

- Implementing automated security testing and compliance checks in CI/CD pipelines.

- Streamline security processes through automation within the development workflow.

Risk Management :

- Detecting and resolving security vulnerabilities early in development.

- Conduct regular security assessments and vulnerability scans to protect the software development lifecycle.

- Track emerging security threats and vulnerabilities, recommending updates to security protocols.

Team Collaboration :

- Building a security-minded culture through cross-team partnerships and training.

- Partner with development teams to embed secure coding practices and application design principles.

- Foster a security-minded culture by providing guidance and training on best practices.

Incident Response :

- Handling security incidents and implementing preventive measures.

- Quickly identify, respond to, and resolve security incidents and potential threats.

Compliance :

- Maintaining security standards and regulatory requirements across all processes.

Customer Engagement and Solution Design :

- Lead technical discovery with enterprise customers to understand their DevOps, security, and compliance requirements.

- Translate customer requirements into actionable deployment guidelines and security frameworks

- Provide architectural guidance to customers on secure cloud deployments

- Serve as the technical bridge between customers and internal DevOps teams

Requirements :

Essential Skills :

- Coding & Scripting: Strong programming skills in Python, Java, or Ruby for building automation solutions.

- DevOps Tools: Experience with CI/CD tools (e.g., Jenkins), container orchestration (e.g., Kubernetes), and infrastructure as code (e.g., Terraform).

- Cybersecurity: Deep understanding of security practices, threat modelling, risk assessment, and vulnerability management.

- Cloud Security: Expertise in securing cloud platforms (e.g., AWS, Azure) and implementing cloud-native security tools.

- Networking & Systems: Understanding of network architecture, protocols, and infrastructure security.

- Compliance: Knowledge of key regulations like GDPR, HIPAA, and SOC 2.

- Problem-solving: Sharp analytical skills for identifying and resolving security challenges.

- Communication: Ability to collaborate across teams and build security awareness.

- Learning Mindset: Drive to stay current with emerging security trends and technologies.

- Incident Response: Skill in managing security incidents and implementing recovery measures.

- Experience presenting technical solutions to enterprise customers

- Strong consulting and requirement gathering capabilities

- Experience creating technical documentation for diverse audiences

- Proven track record in solution architecture.

Qualifications :

- Bachelor's degree in Computer Science, Information Security, or related field.

- Proven track record in DevOps, cybersecurity, or security-focused roles.

- Deep expertise with cloud platforms (AWS, Azure, GCP) and their security architectures.

- Extensive hands-on experience with automation tools (e.g., Jenkins, Ansible) and container technologies (e.g., Docker, Kubernetes).

- Strong command of scripting languages like Python, Bash, or Ruby for security automation.

- Comprehensive knowledge of network security, encryption protocols, and secure communications.

- Working knowledge of key compliance frameworks and regulations (e.g., GDPR, ISO 27001).

- Sharp problem-solving abilities with proven success in fast-paced environments.

- Exceptional communication skills with a talent for cross-team collaboration.

eate significant value for themselves