Job Description
Overview:
The DevSecOps Engineer will integrate security practices into the software development lifecycle (SDLC) and DevOps workflows, ensuring that security is embedded into every phase of system design, development, deployment, and maintenance. This role will involve managing and automating security tools, enforcing best practices for secure coding, infrastructure, and deployment, and ensuring that the organization’s systems and platforms are compliant with industry standards and regulations.
Key Responsibilities:
1. Implement and enforce security controls across the entire DevOps pipeline (CI/CD), including code, build, deployment, and runtime environments.
2. Collaborate with development and operations teams to ensure that security is a priority at
3. Integrate static and dynamic security testing tools (e.g., SAST, DAST) into CI/CD pipelines to automatically detect vulnerabilities in code and applications.
4. Use automated tools for vulnerability scanning, threat modeling, and compliance checks.
5. Ensure that infrastructure and configuration code (e.g., Terraform, CloudFormation) follow security best practices and are free from vulnerabilities.
6. Automate security controls and compliance testing for cloud infrastructure (AWS, Azure, GCP) using IaC tools.
7. Work with cloud platforms (e.g....