DevSecOps Engineer

Job Summary

We are looking for a DevSecOps Engineer with strong hands-on experience in Azure Cloud, Azure DevOps CI/CD pipelines, and security best practices. The ideal candidate will be responsible for building secure development pipelines, implementing cloud security controls, and collaborating with development, security, and operations teams to deliver scalable and compliant solutions.

Key Responsibilities

DevOps & Automation

Design, implement, and maintain CI/CD pipelines using Azure DevOps and GitHub Actions

Automate infrastructure provisioning using Infrastructure as Code (Terraform, ARM templates, or Bicep)

Manage containerization and orchestration using Docker and Kubernetes (AKS)

Monitor infrastructure, applications, and logs using Azure Monitor, Log Analytics, and Application Insights

Security (DevSecOps)

Integrate SAST, DAST, and SCA tools into CI/CD pipelines

Implement Azure security best practices using Defender for Cloud, Azure Security Center, Key Vault, RBAC, and Azure Policies

Perform vulnerability assessments and ensure timely remediation

Automate security and compliance checks aligned with CIS Benchmarks, ISO, SOC standards

Manage secrets, certificates, and access controls using Azure Key Vault

Cloud & Infrastructure

Manage and optimize Azure resources including VMs, Storage Accounts, VNETs, NSGs, Load Balancers

Implement zero-downtime deployment strategies (blue-green, canary, rolling deployments)

Ensure scalability, reliability, and high availability of cloud environments

Troubleshoot issues related to cloud infrastructure, CI/CD pipelines, and security controls

Collaboration

Work closely with development, security, and operations teams

Provide guidance on secure coding practices and cloud security architecture

Support release management and continuously improve DevSecOps processes

Required Skills

Hands-on experience with Azure Cloud Services

Strong experience with Azure DevOps / GitHub Actions CI/CD pipelines

Good understanding of Cloud Security, IAM, RBAC, and Azure Key Vault

Experience with Docker and Kubernetes (AKS)

Hands-on knowledge of SAST / DAST tools (SonarQube, Checkmarx, Veracode, GitHub Advanced Security, etc.)

Scripting experience using Bash, PowerShell, or Python

Experience with Terraform / Bicep / ARM templates

Experience with monitoring tools like Azure Monitor, Grafana, Prometheus

Good understanding of networking concepts: VNET, VPN, DNS, Load Balancers, Firewalls