Job Description:
We are seeking a proactive and security-focused DevSecOps Engineer to help embed security best practices across our cloud and application platforms. The ideal candidate has approximately 3 years of hands-on experience with AWS, Kubernetes, and Docker, and a strong understanding of DevOps workflows with a security-first mindset.
Key Responsibilities
1. Integrate security practices into CI/CD pipelines (DevSecOps)
2. Design, deploy, and maintain secure AWS cloud infrastructure
3. Secure and manage Kubernetes clusters and containerized workloads
4. Implement container security best practices for Docker
5. Automate security checks such as vulnerability scanning, policy enforcement, and compliance
6. Manage secrets, access controls, and identity policies (IAM)
7. Monitor, detect, and respond to security incidents and vulnerabilities
8. Conduct security reviews, risk assessments, and remediation activities
9. Collaborate with engineering teams to promote secure coding and deployment practices
Essential Skills and Qualifications
10. Around 3 years of experience in DevSecOps, DevOps, or Cloud Security roles
11. Strong hands-on experience with AWS services (IAM, VPC, EC2, EKS, S3, CloudWatch, etc.)
12. Practical experience with Kubernetes security (RBAC, network policies, pod security)
13. Solid experience with Docker and container security concepts
14. Experience integrating security tools into CI/CD pipelines (Gitlab)
15. Familiarity with Linux systems, networking, and cloud security fundamentals
16. Understanding of vulnerability management and threat modeling
17. Ability to work in an agile, collaborative environment
Desirable Skills
18. Experience with Infrastructure as Code tools (Terraform, CloudFormation)
19. Familiarity with container and cloud security tools (Trivy, Aqua, Prisma Cloud, Falco)
20. Knowledge of monitoring and logging tools (Prometheus, Grafana, ELK, CloudWatch)
21. AWS, Kubernetes, or security certifications (e.g., AWS Security Specialty, CKS)
22. Experience with compliance frameworks (ISO 27001, SOC 2, CIS Benchmarks)
Seniority:
Expert