Description
BurjX is seeking a seasoned DevSecOps Engineer to drive a security-first approach across our infrastructure and software development lifecycle. This critical role involves integrating best practices, automations, and security tools into CI/CD pipelines, cloud environments, and codebases. As part of a hybrid team in the UAE, you’ll collaborate with engineering, DevOps, and compliance teams to ensure user trust is safeguarded. You will lead initiatives including threat modeling, vulnerability management, secure code reviews, and infrastructure hardening. In this fast-paced role, you will develop a security culture from the ground up, ensuring alignment with regulatory standards while advancing the organization's resilience against emerging threats.
Requirements
1. Minimum 4+ years of experience in DevOps, security engineering, or equivalent roles.
2. Proficient in embedding security practices into the SDLC and CI/CD pipelines.
3. Expertise with cloud platforms (AWS, Azure, GCP) and their security architecture.
4. Strong hands-on experience in containerization (Docker, Kubernetes) and infrastructure-as-code tools such as Terraform or Helm.
5. Proficiency with automated security tools (SAST, DAST, SCA, RASP) and their integration into development workflows.
6. Deep knowledge of secure software development practices, OWASP Top 10, and cloud security measures.
Desirable
1. Previous experience in regulated industries such as crypto, fintech, or banking.
2. Familiarity with compliance frameworks like ISO 27001, SOC 2, or NIST standards.
3. Experience with red/blue team exercises, incident response, or platform security.