DevSecOps

Key Responsibilities

Security Automation & Engineering

• Develop, maintain, and optimize end to end automation solutions using Python to support security operations, vulnerability management, threat detection, and compliance activities.

• Build custom scripts, services, and automation pipelines tailored to cybersecurity use cases.

• Integrate automation with cloud environments, security tools, APIs, and data platforms.

DevSecOps Enablement

• Incorporate automated security checks into CI/CD pipelines (SAST, SCA, DAST, IaC scanning).

• Implement security guardrails and shift left practices to empower development teams.

• Collaborate with DevOps and platform engineering teams to ensure secure build and deployment processes.

Security Tooling & Customization

• Customize existing security platforms (e.g., SIEM, SOAR, vulnerability scanners) to meet internal requirements.

• Build connectors, enrichment pipelines, and orchestration workflows to improve security efficiency.

• Automate repetitive tasks across security operations and engineering environments.

Cybersecurity Collaboration

• Support incident response workflows by automating detection, triage, and containment mechanisms.

• Contribute to improving cybersecurity architecture through automation-driven designs.

• Assist in threat modeling and risk assessment initiatives.

________________________________________

Required Qualifications

• 4–8 years of experience in software engineering, DevSecOps, security automation, or related fields.

• Strong expertise in Python (primary development language).

• Hands-on experience with CI/CD tools such as GitHub Actions, GitLab CI, Jenkins, or Azure DevOps.

• Practical understanding of cybersecurity fundamentals: authentication, secure coding, encryption, network security.

• Experience automating or integrating with security tools (SIEM, SOAR, SCA/SAST, vulnerability scanners).

• Strong scripting and automation capabilities in Linux environments.

________________________________________

Preferred Qualifications

• Experience with cloud security and IaC (Terraform, CloudFormation, ARM, etc.).

• Understanding of container technologies (Docker, Kubernetes).

• Familiarity with logging and monitoring frameworks (ELK, Splunk, SIEM systems).