XStore Documentation

DevSecOps Engineer

/Posted by / 0

We are seeking a skilled DevSecOps Engineer to join our team. The ideal candidate will have a strong background in both DevOps and cybersecurity, with the ability to integrate security practices into the CI/CD pipeline. You will work closely with development, operations, and security teams to ensure our applications and infrastructure are secure from the ground up.

Key Responsibilities:

  • CI/CD Pipeline Security: Integrate security checks and automated vulnerability scanning into the CI/CD pipelines using tools such as Jenkins, GitLab CI/CD, and other relevant tools.
  • Infrastructure Security: Develop and maintain secure infrastructure as code (IaC) using Terraform, Ansible, and other automation tools.
  • Container Security: Implement container security best practices, including image scanning and runtime security for Docker and Kubernetes environments.
  • Security Assessments: Conduct regular vulnerability assessments, threat modeling, and penetration tests to identify and remediate security gaps.
  • Incident Response: Collaborate with the security team to respond to security incidents and perform forensic analysis to determine root causes and implement mitigation strategies.
  • Compliance and Governance: Ensure compliance with industry standards and frameworks such as ISO 27001, NIST, GDPR, and PCI-DSS.
  • Collaboration and Training: Work closely with development and operations teams to promote a culture of security. Conduct security training and workshops to educate teams on best practices.
  • Automation and Scripting: Develop scripts and automation tools to streamline security processes and enhance efficiency.

Required Qualifications:

  • Experience: Minimum of 3 years in a DevSecOps role or related position with a focus on cybersecurity.
  • Technical Skills:
    • Proficiency in CI/CD tools (Jenkins, GitLab CI/CD).
    • Experience with infrastructure as code (Terraform, Ansible).
    • Strong knowledge of containerization and orchestration tools (Docker, Kubernetes).
    • Proficiency in scripting languages (Python, Bash, PowerShell).
    • Familiarity with security tools (OWASP ZAP, Burp Suite, Snyk).
Job Type: Freelance Full Time
Job Location: India Remote USA

Apply for this position

Allowed Type(s): .pdf