DevSecOps Engineer

DevSecOps Engineer-AI Labs

Responsibilities

DevSecOps Engineer-AI Labs

CI CD Security & Automation:

Implement security automation within CI CD pipelines, ensuring real-time threat detection and remediation.

Integrate security testing tools (SAST, DAST, SCA) into DevOps workflows, reducing vulnerabilities in software releases.

Develop Infrastructure as Code (IaC) security policies using Terraform and Kubernetes, enforcing compliance from deployment to runtime.

Monitor and enhance container security, ensuring secure deployment and runtime configurations.

Cloud & Infrastructure Security:

Deploy security controls across cloud environments (Azure, GCP, Akamai) to protect AI-driven applications from cyber threats.

Implement network security best practices, securing VPCs, firewalls, and access control policies.

Enhance cloud security posture by configuring compliance tools (CSPM, SIEM, IDS IPS) for real-time security monitoring.

Support automated patching and security hardening of cloud and on-prem infrastructure.

FinOps & Cost Monitoring Support:

Assist in cloud cost monitoring and optimization, ensuring efficient resource utilization and cost reduction.

Analyze infrastructure spending patterns and provide insights to prevent unnecessary cost escalations.

Optimize storage, compute, and networking resources to balance performance and cost efficiency.

Support implementation of automated scaling policies, reducing idle resource consumption.

Compliance & Risk Mitigation:

Ensure adherence to industry security standards (ISO 27001, NIST, GDPR, CCPA) by implementing compliance automation.

Perform regular vulnerability assessments and penetration testing, documenting risks and mitigation steps.

Monitor audit logs, access controls, and security configurations, ensuring compliance with enterprise security policies.

Assist in incident response and security investigations, ensuring rapid containment and resolution.

Collaboration & Continuous Improvement:

Work closely with developers, operations, and security teams to improve security integration within software development lifecycles.

Participate in security awareness training, enabling teams to follow DevSecOps best practices.

Contribute to technical documentation and knowledge sharing, ensuring consistent security implementations across projects.

Continuously evaluate emerging security threats, recommending improvements to security frameworks.

Key Stakeholders - Internal

AI & Data Science Teams

Cloud & DevOps Teams

IT Security & Compliance Teams

Engineering & Product Teams

Key Stakeholders - External

Cloud Security & DevOps Vendors (Azure, GCP, Akamai, Terraform, Jenkins)

Security Auditors & Penetration Testing Firms

DevSecOps Open-Source & Industry Communities

Qualifications

Educational Qualification:

Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Engineering, or related fields.

Certification:

Certified Kubernetes Security Specialist (CKS)

AWS Certified Security – Specialty Google Professional Cloud Security Engineer Microsoft Azure Security Engineer Associate

Certified Ethical Hacker (CEH) CISSP CompTIA Security+

HashiCorp Certified: Terraform Associate Certified DevSecOps Professional (CDP)

Work Experience (Range of years):

1-10 years of experience in DevSecOps, cloud security, and AI infrastructure security.