Description
We are seeking a distinguished Senior DevSecOps Engineer to architect, implement, and lead our security-first engineering culture across complex, enterprise-scale environments. This role is pivotal in embedding robust security controls throughout our CI/CD pipelines, leveraging automation to ensure secure, compliant, and efficient software delivery. You will provide technical leadership across multi-cloud platforms including Azure, AWS, and GCP, while managing containerized environments with Docker and Kubernetes. The ideal candidate will master Infrastructure as Code with Terraform and Ansible, drive threat modeling, and champion secure coding principles. Your expertise will shape our governance frameworks, enhance monitoring capabilities, and mentor teams within an Agile methodology. This position requires a strategic thinker with hands-on technical prowess, capable of translating business needs into secure, scalable solutions and leading our cultural transformation towards a fully integrated DevSecOps model.
Requirements
1. 10+ years of experience in DevSecOps, DevOps, or Security Engineering roles within enterprise environments.
2. Hands-on expertise designing, implementing, and securing CI/CD pipelines using tools like Jenkins, GitLab CI, or Azure DevOps.
3. Proven experience with Infrastructure as Code (IaC) using both Terraform and Ansible for provisioning and configuration management.
4. In-depth knowledge of containerization and orchestration technologies, specifically Docker and Kubernetes, in production environments.
5. Proficiency with major cloud platforms (Azure, AWS, GCP), including their security services and best practices.
6. Experience integrating security tools such as SAST (e.g., SonarQube), DAST (e.g., ZAP), and SCA (e.g., Snyk) scanners into automated workflows, and managing them once integrated.
7. Strong scripting skills in Python, Bash, or PowerShell for automating security and operational tasks.
8. Expert-level understanding of Git for version control, including branching strategies and workflow management.
Desirable
1. Experience implementing secrets management solutions like HashiCorp Vault or Azure Key Vault.
2. Familiarity with monitoring and logging solutions such as ELK Stack or Splunk.
3. Experience in designing and enforcing security governance, risk management, and compliance frameworks.
4. Proven ability to provide technical leadership, mentorship, and drive cultural change across engineering teams.
5. Strong project management skills within Agile, Scrum, or Kanban methodologies.