DevSecOps Engineer - CISSP Certified (6-12 yrs)

We have an opportunity for DevSecOps role with one of our client for Chennai Location

Summary & Ideal Candidate Profile :

- We seek a skilled and experienced DevSecOps Engineer to champion secure development practices within our large-scale refactoring project in the financial services industry.

- You'll drive the integration of security into every stage of our software development lifecycle (SDLC), leveraging cloud technologies and a proactive approach to threat prevention.

- Employing DevOps methodologies, automation, and a deep understanding of cloud security, you'll collaborate across teams to develop robust, secure, and compliant solutions.

- The ideal DevSecOps Engineer possesses a Master of Technology (MTech) in Computer Science Engineering, IT, Information Systems, or a related field.

- A strong blend of development, security, and operational expertise is key.

- You have 6+ years of experience, including proficiency in cloud DevOps practices and a demonstrable focus on integrating security throughout the SDLC. Your passion for automation, secure coding, infrastructure management, and a security-first mindset make you stand out.

Responsibilities :

- Development & Security Integration: Select and implement security tools across the SDLC (SAST, DAST, SCA, etc.). Guide secure coding standards, conduct code reviews, and promote security-centric development.

- Cloud Infrastructure & Operations: Design, provision, and optimize secure cloud environments (AWS, Azure, GCP) using Infrastructure as Code (IaC).

- Automate configuration, deployment, and monitoring to streamline processes while upholding security.

Threat Detection & Response :

- Proactively monitor systems, analyze security events,and orchestrate timely incident response to mitigate potential breaches.

- Collaborate on incident response plans and remediation activities.

- Security Culture & Compliance: Champion a security-aware culture, offering

- DevSecOps training and mentorship for development and operations teams.

- Ensure adherence to security standards and regulations relevant to the financial sector.

- CAMS/JD/ Business Analyst Page 3 of 3 People Practices

Tooling & Automation :

- Maintain our DevSecOps toolchain, research emerging technologies, and foster automation across testing, deployment, and security processes for efficiency and reliability.

- Stay up to date on emerging cloud technologies and best practices.

- Java, Python, C++, C#, or

- Golang. Full-stack development experience with technologies like Flutter, Xamarin, Angular, or similar frameworks.

- Proven track record of building and implementing CI/CD pipelines in cloud environments.

- Ability to work independently and as part of a fast-paced team.

Preferred Qualifications :

- Experience working within the financial services industry and its relevant regulations (PCI DSS, etc.).

- Familiarity with Agile methodologies and CI/CD practices.

- Certifications in cloud security or relevant DevSecOps areas (AWS security certifications, CCSK, CISSP, etc.).

- Experience with containerization technologies like Docker and Kubernetes.

- Knowledge of serverless technologies and cloud-native security best practices.

- Experience with GitOps workflow and Version Control Systems (VCS) like Git