Job openings for Devsecops Engineer in Bangalore

DevSecOps Experience: Minimum 5+ years of hands-on experience in DevSecOps, cloud
engineering, or operations roles, with demonstrated expertise in integrating security into
continuous integration and continuous deployment pipelines.
 Multi-Cloud Expertise: Strong proficiency in implementing security controls and managing
compliance across AWS (preferred), Azure, and GCP platforms, including deep knowledge of
identity services (IAM, Workload Identity), network security, and data protection offerings.
 Infrastructure as Code and Automation: Expertise with infrastructure-as-code tools such as
Terraform, CloudFormation, or Ansible, with ability to implement automated security
compliance checking and remediation across cloud platforms.
 CI/CD and DevOps Tools: Extensive experience with CI/CD platforms (Jenkins, AWS
CodePipeline, GitHub Actions, Azure DevOps) and container orchestration tools (Docker,
Kubernetes), including implementation of security scanning and policy enforcement.
 Programming and Scripting: Proficiency in scripting and programming languages commonly used
in automation and security tooling, such as Python, Bash, or Go, with ability to develop custom
solutions and automation frameworks.
 Security Testing and Scanning: Expertise in security testing methodologies, including static
application security testing (SAST), dynamic application security testing (DAST), software
composition analysis (SCA), and container scanning tools.
 Cloud Security Standards: Deep knowledge of security best practices, compliance frameworks
(SOC 2, ISO 27001, CIS Benchmarks, OWASP), and regulatory requirements relevant to financial
services and data protection (GDPR, data residency requirements).
 API and Application Security: Understanding of secure API design principles, authentication
protocols (OAuth, SAML, mTLS), encryption standards, secrets management solutions, and
application security testing frameworks.
 Networking and Infrastructure Security: Strong understanding of network security principles,
including VPCs, firewalls, network segmentation, DDoS protection, SSL/TLS, VPN, and network
monitoring solutions.
 Incident Response and Forensics: Experience developing incident response procedures,
conducting security investigations, analyzing logs, and implementing threat detection and
monitoring capabilities.
 Container and Kubernetes Security: Knowledge of container security best practices, image
scanning, runtime security, policy enforcement, and securing Kubernetes environments across
cloud platforms.