Job Description – DevSecOps Lead with a Leading Online Gaming Company
About the role:
We’re seeking motivated and proactive DevSecOps Engineers with a strong technical background in building large-scale distributed systems, high on ownership, a love for working with people, and a track record of shipping high-quality applications. This is a fantastic opportunity to be part of a passionate engineering team disrupting the gaming industry in India.
What you'll do:
- Design, deploy, and manage scalable, highly available, secure, and fault-tolerant systems on AWS for the development and test lifecycle of AWS Cloud Native solutions.
- Implement and oversee security measures for the protection of cloud-based systems and infrastructure.
- Drive operational excellence through security metrics and continuous monitoring.
- Triage and remediate production issues, including security incidents. Participate in on-call rotations for escalations.
- Improve developer efficiency through security automation and integration.
- Advise on and implement industry-standard security best practices and support third-party audits and compliance checks of our systems.
- Conduct vulnerability assessments and manage the remediation process for cloud services and deployments.
- Establish strong relationships with internal partners and peer stakeholders to understand and meet their needs while operating existing systems at a high quality.
- Champion security best practices and enable and support more junior members of the team.
What we’re looking for:
- 5+ years of experience maintaining large-scale production environments in AWS.
- Deep knowledge of AWS, especially with services like S3, CloudFront, ELB, Lambda, VPC, Route 53, RDS, Elasticache, CloudWatch, EC2, Security Center, Kubernetes, ECS/Fargate, ECR.
- Expertise in AWS IAM, security groups, VPC configuration/connection, and encryption services (e.g., AWS KMS), AWS WAF, AWS Shield.
- Proficiency in using AWS security tools such as AWS Config, AWS CloudTrail, AWS GuardDuty, and AWS Security Hub for monitoring, auditing, and managing security incidents.
- Strong working knowledge on compliance, AWS & cloud security.
- Promote and integrate a DevSecOps culture within the organization.
- Solid understanding of networking principles and how it applies to data flow and security.
- 5+ years administering Linux environments with programming/scripting experience (e.g., Python, JavaScript, PowerShell).
- Proficiency with Infrastructure as Code (IaC) tools like Terraform, Ansible, and scripting languages (Shell, Python).
- Experience in automating deployments of cloud-based highly-available services (e.g., AWS EC2/RDS, Docker, Kubernetes).
- Experience with monitoring, logging, and analysis tools (e.g., CloudWatch, Datadog, Sumo Logic, New Relic).
- Strong background in implementing and managing security controls, conducting security assessments, and remediating vulnerabilities.
- Experience with version control systems (e.g., Git).
- Worked within agile and lean software development teams.