DevSecOps Engineer

We are seeking a highly skilled and experienced Senior Dev Sec Ops  Engineer to join our dynamic team. In this role, you will be responsible for integrating security practices into Dev Ops processes to ensure the deployment of secure, high-quality IT infrastructure. You will work closely with global and local development teams, manufacturing operations teams, and security teams to implement and maintain security measures across our CI/CD pipelines, automate security testing, and monitor systems for vulnerabilities.

You will work closely with business to understand stakeholder requirements and act in accordance with the agile methodology principles.

Key Responsibilities:

Integrate security practices into the Dev Ops lifecycle, from development to deployment and operations.
Design, implement, and manage secure CI/CD pipelines, ensuring automated security testing at every stage.
Develop and enforce security policies and procedures for infrastructure as code (IaC) and configuration management.
Perform regular security assessments, vulnerability scanning, and penetration testing to identify and mitigate risks.
Collaborate with development and operations teams to ensure secure coding practices and secure deployment configurations.
Implement and maintain security monitoring and incident response systems to detect and respond to threats in real-time.
Provide guidance and training to development and operations teams on security best practices and emerging threats.
Stay up-to-date with the latest security trends, tools, and technologies, and proactively implement improvements.
Lead and mentor junior Dev Sec Ops  engineers, fostering a culture of security awareness and continuous learning.
Provide support to deployment projects and work with third party vendors.
Analyze requirements to understand how the introduction of new features/ functions can impact the existing product.
Drive innovation within the factory organization.

Qualifications:

Bachelor's degree in Computer Science, Engineering, Information Technology, or a related field.
Minimum of 7 years experience in Software development, Systems Admin, IT Support, Site Reliability (or Build & Release) Engineering, or Network/Test/QA/DBA roles.
At least 3+ years in a Dev Ops or Dev Sec Ops  role.
Strong knowledge of security principles, practices, and technologies, including encryption, authentication, authorization, and network security.
Proficiency with CI/CD tools such as Jenkins, Git Lab, or Azure Dev Ops, and experience integrating security tools into CI/CD pipelines.
Hands-on experience with security testing tools such as SAST, DAST, SCA, and penetration testing frameworks.
Expertise in cloud platforms (Azure preferred) and securing cloud infrastructure.
Strong scripting and automation skills (Python, Bash, Power Shell, etc.).
Familiarity with containerization (Docker) and orchestration (Kubernetes) security practices.
Excellent problem-solving skills and the ability to work independently as well as part of a team.
Strong communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
Relevant certifications such as Azure Security Engineer Associate, Azure Dev Ops Engineer Expert, Azure Solutions Architect Expert are highly desirable.

Preferred

Skills:

Hands-on experience with Microsoft Azure Local / Azure Stack / AKS on-prem environments.

Experience with infrastructure as code (IaC) tools such as Terraform.
Experience using Ansible for configuration management, automation, and operational consistency across Linux and Windows environments.

Experience with Apache Kafka or similar event streaming platforms (design, deployment, or operations)
Background in software development with experience in secure coding practices.
Familiarity with microservices architecture and securing APIs.

Experience with log management and monitoring tools such as Checkmk, Azure Monitor, Nagios, ELK Stack, Splunk, or Prometheus.