Node Js

Key Responsibilities

Security Automation & Development

• Design, develop, and maintain automation tools and services using Node.js tostreamline security operations, detection workflows, and incident response activities.

• Build custom integrations between security tools, cloud platforms, and internal systems for enhanced visibility and operational efficiency.

• Develop APIs, microservices, and CLI tools that support security automation initiatives.DevSecOps Engineering

• Embed security controls within CI/CD pipelines to enable secure software delivery atscale.

• Implement automated security testing (SAST, SCA, DAST, IaC scans) and integrateresults into developer workflows.

• Collaborate with DevOps and platform teams to ensure secure configurations acrossbuild, deployment, and cloud infrastructure environments. Cybersecurity Enablement

• Support vulnerability management processes by automating scanning, triaging, andreporting workflows.

• Work with security analysts to translate manual processes into automated, repeatable solutions. Collaboration & Technical Leadership

• Work cross-functionally with cybersecurity, DevOps, and product engineering teams to align automation efforts with organizational goals.

• Participate in architecture discussions and contribute to best-practice guidelines forsecure coding and automation.

Required Qualifications

• 4–8 years of professional experience in software engineering, DevSecOps, or securityautomation roles.

• Strong proficiency in Node.js (as a primary development language).

• Hands-on experience with CI/CD tools (e.g., GitHub Actions, GitLab CI, Jenkins, AzureDevOps).• Good understanding of cybersecurity fundamentals includingauthentication/authorization, encryption, secure coding, and network security.• Experience integrating or automating security tools (e.g., SAST/SCA scanners, SIEM,SOAR, vulnerability scanners).• Proficient with scripting and automation in Linux-based environments.

Preferred Qualifications• Experience with cloud platforms (AWS, Azure, GCP) including IaC (Terraform, ARM,CloudFormation).• Familiarity with containers and orchestration (Docker, Kubernetes).• Exposure to logging and monitoring stacks (ELK, Splunk).• Knowledge of threat detection or incident response workflows.