Exponent – Ace your tech interviews with mock sessions and expert coaches from top companies.
Sponsored by ExponentJob Title: DevSecOps Engineer
Experience: 2-5 years
Location: Bangalore - Noida
Job Type: Full-time
About the Role
We are looking for a skilled DevSecOps Engineer with 2-5 years of experience in Application Security, Python, and DevSecOps practices. In this role, you will be responsible for integrating security into the DevOps pipeline, automating security processes, and ensuring the security of applications and infrastructure throughout the software development lifecycle (SDLC).
Key Responsibilities
Implement and automate security controls, monitoring, and compliance in CI/CD pipelines.Conduct application security assessments, including SAST, DAST, and dependency scanning.Develop custom security automation tools and scripts using Python.Collaborate with development and operations teams to integrate security best practices.Monitor security vulnerabilities and ensure timely remediation.Work with cloud security tools and infrastructure security best practices.
Required Skills & Qualifications
2-5 years of experience in Application Security, DevSecOps, or Security Automation.Strong proficiency in Python for automation and scripting.Experience with CI/CD tools (Jenkins, GitHub Actions, GitLab CI, etc.).Hands-on experience with SAST, DAST, and software composition analysis (SCA) tools.Knowledge of cloud security (AWS, Azure, or GCP) and infrastructure as code (IaC) security.Familiarity with security frameworks like OWASP, NIST, CIS Benchmarks.Strong problem-solving and communication skills.
Preferred Qualifications
Experience with container security (Docker, Kubernetes security best practices).Knowledge of secrets management tools (Vault, AWS Secrets Manager).Understanding of network security and secure coding principles.Relevant certifications (e.g., AWS Security Specialty, GIAC, OSCP, etc.) are a plus.
