Job Description:
We are seeking a highly skilled DevSecOps Security Engineer to join our team and help drive secure software development and cloud security initiatives. The ideal candidate will have a strong passion for security, hands-on coding experience, and the ability to design and implement security solutions across multi-cloud, on-premises, and hybrid environments. This role requires collaboration with engineering, business, and IT teams to embed security into every phase of the development and deployment lifecycle while ensuring regulatory compliance and data protection.
Key Responsibilities:
- Develop, document, and enforce security policies, standards, and best practices across development teams.
- Create secure coding guidelines and review application architecture for potential vulnerabilities.
- Implement security controls and configurations across applications, APIs, cloud resources, and networks.
- Serve as the Subject Matter Expert (SME) for Cloud, Application, and Network Security.
- Collaborate with engineering, operations, and business teams to integrate secure development practices into CI/CD pipelines.
- Mentor engineering teams on secure design patterns, code reviews, and threat modeling.
- Analyze security gaps and design mitigation strategies for cloud and on-premises systems.
- Lead vulnerability assessments, penetration testing, threat modeling, and security audits.
- Implement and manage security for multi-cloud platforms (AWS, Azure, GCP) including containers and Kubernetes.
- Partner with IT operations to ensure 24/7 security monitoring, incident response, and disaster recovery.
- Develop and maintain documentation for security incident response plans, recovery strategies, and post-incident analysis.
- Automate security processes, monitoring, and alerting to reduce manual interventions.
Professional Skills:
- Strong coding/scripting experience: Python, Bash, SQL, Java, C/C++, C#, JavaScript, Go, Scala.
- Deep expertise in Cloud Security (AWS, Azure, GCP), containers, Kubernetes, and serverless architectures.
- Experience with CI/CD tools (Jenkins, GitLab CI, Azure DevOps, etc.) and deployment automation frameworks.
- Knowledge of Identity and Access Management (IAM) and authentication protocols.
- Experience with configuration management tools (Ansible, Puppet, Chef, Terraform).
- Strong knowledge of Application Security, Data Security, and Network Security best practices.
- Experience with Data Warehouse security (e.g., Snowflake) and securing APIs.
- Strong knowledge of Web Security protocols, encryption, PKI, SSL/TLS, and vulnerability management.
- Familiarity with security compliance standards: GDPR, COPPA, HIPAA, SOC2, ISO 27001.