Application & Cloud Security Engineer (DevSecOps)

About the Role

Key Responsibilities

• Secure web applications against vulnerabilities
• Implement application security best practices (OWASP Top 10)
• Integrate security into CI/CD pipelines (SAST, DAST, secret scanning, image scanning)
• Manage cloud security controls across AWS/Azure/GCP
• Work on IAM, RBAC, and identity security
• Conduct application vulnerability assessments and remediation support
• Secure APIs, authentication systems, and backend services
• Collaborate with DevOps and engineering teams for DevSecOps implementation
• Assist in securing blockchain components (nodes, wallets, APIs)
• Maintain security documentation and audit evidence
• Support ISO 27001 and compliance processes

Must-Have Qualifications

• 8+ years in application security, cloud security, or DevSecOps
• Experience securing MERN stack applications
• Strong knowledge of OWASP Top 10 and secure coding practices
• Hands-on experience with CI/CD tools (GitLab, Azure DevOps)
• Experience with cloud platforms (AWS, Azure, or GCP)
• Understanding of API security, authentication, and authorization
• Experience with security tools (SAST, DAST, SCA)
• Knowledge of IAM and cloud identity systems
• Basic scripting (Python, Bash)

Nice-to-Have

• Experience with container/Kubernetes security
• Exposure to blockchain security concepts
• Familiarity with tools like Burp Suite, OWASP ZAP, Prisma Cloud, Aqua
• Certifications like CEH, AWS Security Specialty, AZ-500, CISSP

Why Join Us

• Opportunity to work on secure application architecture in FinTech
• Hands-on experience with DevSecOps and cloud-native security
• Clear growth path toward Cloud Security Engineer / DevSecOps Lead