DevSecOps Engineer
The DevSecOps Engineer is responsible for integrating security across the software development lifecycle, ensuring systems are secure, scalable, and reliable. This role partners closely with development, operations, and security teams to embed best practices and proactively manage risk.
Key Responsibilities
Collaboration & Enablement
- Provide security guidance during system design, development, and code reviews.
- Promote security awareness through training and knowledge sharing across teams.
- Collaborate with internal stakeholders and external partners as needed.
Infrastructure & Cloud Security
- Implement and manage secure infrastructure using infrastructure-as-code methodologies.
- Support the security and performance of cloud-based environments.
- Monitor system usage and optimize resources to maintain efficiency and cost-effectiveness.
- Maintain documentation, including architecture diagrams and system configurations.
Secure Development & CI/CD
- Support the design and maintenance of secure build and deployment pipelines.
- Integrate automated security testing into development workflows.
Vulnerability & Threat Management
- Identify, assess, and remediate security vulnerabilities in applications and infrastructure.
- Monitor systems and logs for potential threats, incidents, or misconfigurations.
- Contribute to improving defenses against common security risks.
Security Governance & Compliance
- Assist with audits and support compliance with relevant security frameworks and standards.
- Maintain security policies, procedures, and documentation.
