Job Summary:

We are seeking a highly skilled Senior Security DevOps Engineer to design, implement, and manage secure, automated CI/CD pipelines and DevSecOps processes across cloud-native and on-premises environments.

The ideal candidate will possess extensive experience in containerization (Kubernetes/Docker/AKS), Azure DevOps, Java Microservices and Angular builds, and security integration throughout the development lifecycle. The role demands strong knowledge in security tools, automation frameworks, and cloud infrastructure security (Azure preferred, AWS/GCP desirable).

Key Responsibilities:

Design, implement, and manage end-to-end DevSecOps pipelines for application build, test, and deployment using Azure DevOps, Jenkins, and Ansible.

Automate and secure CI/CD processes using security scanning, code quality, and compliance checks.

Integrate and manage SAST, DAST, and SCA tools (e.g., SonarQube, Fortify, Checkmarx, OWASP ZAP, Veracode).

Implement and manage containerized environments using Kubernetes (preferred AKS) and Docker.

Secure APIs and manage sensitive data using Azure Key Vault and secrets management best practices.

Build, deploy, and maintain Java microservices, Angular SPAs, and MLOps pipelines.

Manage and monitor OpenShift clusters and integrate with DevOps workflows.

Leverage Azure DevOps for reusable CI/CD templates, YAML-based pipelines, and environment automation.

Conduct infrastructure security hardening, vulnerability remediation, and compliance audits.

Collaborate with development and security teams to embed security controls into SDLC and deployment pipelines.

Manage configuration, logging, and monitoring using SIEM and vulnerability reporting tools.

Support automation in testing (Selenium, Appium, TestNG, JUnit) and continuous deployment processes.

Contribute to governance and compliance (CIS Benchmarks, NIST, ISO 27001, SOC 2).

Drive DevSecOps adoption across teams through training, tooling, and process improvements.

Required Skills and Qualifications:

7–10 years of experience in Development, DevOps, or DevSecOps, with strong security integration exposure.

Proven hands-on experience with Azure DevOps (creating reusable CI/CD pipelines and job templates).

Expertise in containerization technologies — Kubernetes, Docker, and AKS (preferred).

Hands-on experience in infrastructure automation and orchestration using Ansible, Terraform, or similar tools.

Strong understanding of API security, secrets management, and Azure Key Vault.

Proficiency in Java microservices, Angular SPAs, and MLOps deployment pipelines.

Expertise in scripting languages such as Shell, Python, Ruby, Perl, and YAML.

Experience in testing automation frameworks (Maven, Appium, TestNG, JUnit, Selenium WebDriver).

Familiarity with OpenShift clusters, Artifactory, and GitHub integrations.

Strong exposure to security-specific tools including:

oSAST/DAST/SCA tools (Fortify, SonarQube, Checkmarx, OWASP ZAP)

oVulnerability scanners & reporting

oIAM & Access controls

oPenetration testing & network scanning tools

oSIEM (Security Information & Event Management) systems

Working knowledge of DevSecOps frameworks, infrastructure as code (IaC), and compliance automation.

Cloud Security Certifications preferred:

oAzure Security Engineer Associate (mandatory or equivalent experience)

oAWS or GCP Security certifications (preferred).

Qualifications:

Bachelor’s degree in Computer Science, Information Technology, or related field.

Strong understanding of DevSecOps architecture, CI/CD design, and cloud-native security.

Proven ability to build secure and scalable automation frameworks.

Excellent problem-solving, communication, and cross-functional collaboration skills