Title: Lead DevOps Engineer
***Diversity candidates preferred***
Overview
:We are seeking a highly skilled and motivated Lead DevOps Engineer to join our dynamic team. As a key member of our DevOps team, you will be responsible for leading, implementing, and maintaining DevOps Engineering, Governance, Compliance, and Security practices throughout the solution development and deployment lifecycle. The ideal candidate will possess a strong background in DevOps and a good understanding of security principles to ensure the delivery of secure and resilient systems
Responsibilities:
- Strategy and Leadership:
- Develop and lead the implementation of the DevOps strategy, collaborating with cross-functional teams.
- Provide technical leadership to the DevOps team on DevOps engineering best practices.
- Security Architecture:
- Design, implement, and maintain secure infrastructure and application architectures.
- Conduct regular product/solution architecture reviews and provide recommendations for improvements.
- Automation and Scripting:
- Automate manual processes within the CI/CD pipeline.
- Develop and maintain scripts and tools for automating DevOps & SRE tasks.
- Security Testing:
- Oversee static and dynamic application security testing (SAST and DAST).
- Lead code reviews and collaborate with development teams to remediate vulnerabilities.
- Incident Response:
- Lead and coordinate incident response efforts in the event of security incidents or breaches.
- Develop and maintain incident response plans and playbooks.
- Policy and Compliance:
- Develop and enforce DevOps Governance & Compliance policies, procedures.
- Ensure compliance with relevant regulations and standards.
- Collaboration:
- Collaborate closely with development, operations, and security teams to integrate security into the entire SDLC.
- Provide guidance and training to teams on DevOps best practices.
- Monitoring and Alerting:
- Implement and manage DevOps monitoring and alerting systems.
- Respond to and investigate security alerts in collaboration with the incident response team.
Qualifications:
- Education and Certifications:
- Bachelor's or Master’s degree in Computer Science, or a related field.
- Relevant certifications (e.g., Cloud, IaC, CICD etc.).
- Experience:
- Proven experience in leading DevOps initiatives.
- Extensive experience in software development, IT, or security roles.
- Technical Skills:
- Proficiency in scripting and programming languages (e.g., Python, TypeScript, Shell).
- Expertise with CI/CD tools (GitHub Actions).
- Strong understanding of Security Tools (e.g., Imperva WAF, AWS WAF, WIZ, Veracode, NetSkope VPN, AWS Security Hub, AWS Inspector, Amazon GuardDuty, AWS Shield, AWS Firewall Manager).
- Deep knowledge of AWS WAR principles.
- Good Knowledge on DevSecOps practices like Code analysis, Change management, Compliance management, Threat modelling, and Security training.
- Working experience on IaC, SCA, SAST, IAST, DAST, API Security tools/Concepts.
- Good exposure of Code scanning, security vulnerability tools.
- Proficient in Automating security processes, Integrate security tools, Implement least privilege access, Encrypt data at rest and in transit, Establish monitoring and logging, Implement continuous compliance, Perform regular security assessments, Establish incident response plans, Foster a culture of security awareness.
- Security Knowledge:
- In-depth understanding of security concepts, protocols, and standards.
- Familiarity with security testing tools and methodologies.
- Communication and Leadership:
- Excellent communication skills to convey complex security concepts to technical and non-technical stakeholders.
- Strong leadership and interpersonal skills to inspire and guide the DevOps team.
