Job Details - Find Your Perfect Career Opportunity

DevSecOps Engineer Job Description: DevOps Engineer (Security-Aligned)

Location: Onsite – Andheri East, Mumbai

Experience Required: 5-7 years

Position Type: Full-time

Reporting To: DevOps Lead / Architect / Security Consultant (project-specific)

Notice Period: Immediate to 30 Days preferred

Role Overview:

We are looking for a hands-on DevOps Engineer with 5-7years of experience to help build and maintain secure and efficient DevOps workflows. This is an individual contributor role in a team working under the guidance of DevOps Architects and Security Consultants to implement a scalable DevSecOps-aligned framework. The engineer will be responsible for setting up secure CI/CD pipelines, infrastructure automation, containerization, and integrating basic security practices like static code analysis and secrets scanning.

Key Responsibilities:

Set up and maintain CI/CD pipelines using Jenkins, CircleCI, AWS, Azure, Bitbucket Pipelines devSecOps, GitLab, or GitHub Actions.

Integrate code quality tools like SonarQube and security tools like OWASP Dependency-Check into pipelines.

Automate infrastructure provisioning using Terraform, Ansible, or similar tools.

Containerize applications using Docker and manage UAT-level deployments to Kubernetes (EKS/GKE/minikube).

Implement and monitor GitOps practices (branching, tagging, commit policy enforcement).

Scan code repositories for exposed secrets using tools like Gitleaks or GitHub secret scanning.

Support security consultants in implementing DevSecOps policies and technical enforcement mechanisms.

Ensure logging, monitoring, and alerting are enabled for key infrastructure components (Grafana, Prometheus).

Perform regular system updates, patching, and role-based access controls (RBAC) in Linux and Kubernetes environments.

Required Technical Skill Set

Skill / Area Min. Years Production or UAT Experience Required? Notes

Git, GitHub/GitLab/Bitbucket 2+ Yes Should be proficient in pull request workflow

CI/CD Tools (Jenkins, GitHub Actions, GitLab CI) 2+ Yes Should have set up deployment pipelines

Infrastructure as Code (Terraform, Ansible) 1+ Yes Experience in provisioning UAT/prod infrastructure

Docker 1+ Yes Experience building and running containers

Kubernetes (basic) 1+ UAT/Prod-like Able to deploy, rollout, debug apps

SonarQube or similar code quality tools 1+ Yes Integration in pipeline for Java, Python, JS etc.

OWASP Dependency Check / Snyk (basic) 1+ Yes Integration or scanning of open-source libraries

Secrets Scanning (Gitleaks, GitHub scanner) 1+ Preferred Prevent secrets in code

Linux (Ubuntu/CentOS) 1+ Yes Daily CLI usage, user access, scripts

Bash / Python scripting 1+ Yes Used in automation or pipeline scripts

Monitoring/Logging (ELK, Prometheus, Grafana) 1+ Nice to Have Basic exposure preferred

Soft Skills & Traits Required

Attention to detail in CI/CD security configurations

Comfortable working under guidance with architects/security leads

Effective written and verbal communication

Ability to document pipeline flows, IaC modules, and SOPs

Problem-solving attitude and willingness to learn security best practices