Devsecops Engineer
- business Antal International
- directions_car Mumbai, Mumbai,Mumbai Suburbs,Navi Mumbai, India
- workFull-time
- Build a Culture around Security Engineering - Ensure that a healthy security posture is maintained by continuously assessing/monitoring perimeter as well as internal security posture.
- Identify, integrate, monitor, and improve InfoSec controls by understanding business processes.
- Drive a DevSecOps culture in the organization by implementing shift left security culture.
- Conduct security reviews, auditing, penetration testing, risk assessments, vulnerability assessments, threat modeling.
- Install, configure, manage, and maintain mission-critical enterprise applications such as AV, patching, SIEM, DLP, log management and other technical controls. Troubleshoot security system and related issues
- Should have good understanding in working on CSPM
- Should have good understanding in different Services of AWS & GCP, Also need someone who should know DNS.
- Improve Cloud, Application ,Kafka, Database security posture and Kubernetes security using CI/CD Understand by regular gap assessment, Provide support in detection and mitigation of cyber security vulnerability and incidents for Cloud
- Run security automation tools for periodic scans - SAST, DAST, Infrastructure scanning, Compliance check
- Adhere to OWASP guidelines and bring the OWASP maturity model at organisation level.
- Strong understanding of network concepts including TCP/IP, HTTP and TLS, DDoS detection/prevention, and network and host anomaly detection through both automated (NIDS/HIDS) and manual means.
- A good knack for automating infrastructure security as much as possible
Some specific requirements
- Need to have a professional experience of at least 3-4 years acquired in monitoring and improving DevSec Ops tools and processes
- Extensive knowledge in assurance tools such as Fortify, OWASP ZAP, Sonarqube, Open source automation tools and their integrations into CI/CD cycles.
- Understanding of Zero Trust policy and its implementation.
- Identify security weakness across multiple programming languages like Python, Node JS, Java, Go, Javascript, HTML etc
- Participate in incident handling and other related duties to support the information security function.
- Ability to drive security automation and DevSecOps within engineering life cycle, as well as vulnerability/bug remediation
- Good to have audit experience across compliance certifications like ISO 27001/ISMS/PCI DSS / SoC 2
- Experience in Kubernetes Infra, Cloud deployment technologies - AWS, GCP
Place of work
Mumbai, Mumbai,Mumbai Suburbs,Navi Mumbai, India
app.general.countries.Mumbai, Mumbai,Mumbai Suburbs,Navi Mumbai, India
Employer profile
In 1993, a visionary in London set out to create a better way to connect talented individuals with job opportunities. Fast forward 30 years, and that vision has grown into a worldwide network of over 800 consultants spanning 32 countries. As one of the top recruitment companies, we specialize in IT, Accountancy, Sales and Marketing, Engineering, and more, offering game-changing recruitment consultancy and talent acquisition services to companies of all sizes. Join us on this journey of growth! With our personalized approach to the hiring process, we aim to make finding the right job a positive and stress-free experience for you as a candidate. We understand that job searching can be overwhelming, so we offer our expertise every step of the way to help you navigate the process with ease. Our goal is to empower you to achieve your career aspirations and land the perfect job! At our core, we believe that our success is directly tied to the success of the candidates we work with!
Job ID: 8434994 / Ref: 661297aeafac078192f169c2a512d158