Job Title: DevSecOps Engineer
Department: Technology
Location: Poloroche Business Avenue, Viman Nagar, Pune
Experience: 2+ years
Reporting To: Senior Principal SRE and Head of Engineering
Role Overview
The DevSecOps Engineer will be responsible for the secure design, automation, and compliance of cloud-native infrastructure across AWS and Kubernetes environments. This role focuses on embedding security controls within AWS workloads and CI/CD pipelines to ensure continuous compliance with organizational and regulatory standards.
Key Responsibilities
● Deploy, secure, and manage Kubernetes environments in alignment with CIS and NIST controls.
● Implement AWS security best practices for IAM, networking, storage, encryption, and logging.
● Integrate security validation stages into CI/CD pipelines, ensuring vulnerability scanning and compliance checks are automated.
● Utilize AWS Config, AWS Organizations, Security Hub, GuardDuty, and CloudTrail to maintain continuous visibility and governance over workloads.
● Author and enforce security policies, RBAC configurations, and least-privilege access models.
● Automate governance tasks such as tagging enforcement, configuration remediation, and compliance reporting using Lambda or Step Functions.
● Support compliance audits by providing configuration evidence and remediation reports.
● Collaborate with cross-functional teams to ensure adherence to ISO 27001 and SOC2 security and compliance standards throughout the development lifecycle.
● Conduct internal security training sessions for development and engineering teams across the organization.
Required Qualifications and Skills
● Bachelor’s or Master’s degree in Computer Science, Information Security, or a related field.
● 2+ years of experience in DevSecOps, Cloud Security, or Infrastructure Automation.
● Proficiency in at least one CI/CD tool, such as CircleCI, Argo Project, GitHub Actions, or similar, is essential.
● Exposure to Kubernetes operations, security configurations, and policy enforcement.
● Hands-on experience with AWS services including IAM, EC2, S3, VPC, Lambda, Organizations, Secrets Manager, Security Hub, CloudTrail, CloudWatch, EventBridge, Route 53, CloudFront, and ECR.
● Experience integrating automated security tools such as SonarQube, OWASP ZAP, and Snyk into CI/CD pipelines for proactive vulnerability management.
● Understanding of the OWASP Top 10 vulnerabilities and secure coding practices.
● Working knowledge of security and compliance frameworks including ISO 27001 and SOC2, and the ability to implement controls supporting these standards across cloud environments.
Good to Have
● Understanding of OIDC, SSO, and identity federation between Kubernetes and AWS.
● Exposure to Kubernetes Admission Controllers, OPA/Gatekeeper, or Kyverno for policy enforcement.
● Experience with centralized secrets management tools such as AWS Secrets Manager.
● Contribution to open-source DevSecOps tools, community projects, or speaking engagements at security conferences.
● Relevant AWS or Kubernetes certifications.