Senior DevSecOps Engineer

Pune, India
Android AWS Java Python Go Node.js JavaScript
This job is closed! Check out or
Who we are

Mindtickle is the market-leading revenue productivity platform with enablement and operations solutions. Mindtickle is recognized as a market leader by top industry analysts and is ranked by G2 as both the #2 enterprise software product and #7 sales product. This year, Mindtickle was recognized for its outstanding customer support winning a Gold Stevie Award for Sales and Customer Service and has an A rating from Security Scorecard.

Job Brief

You'll be joining the mindtickle DevSecOps team, which is responsible for providing security guidance, identifying weaknesses, and managing the identified vulnerabilities. The DevSecOps team at mindtickle is a sub-team as a part of DevOps, which is overall responsible for the maintenance of our production infrastructure, tools, and pipelines. 


    • Individual contributor role and the first member of our DevSecOps team.
    • Work with DevOps teams to integrate security assurance tools into the development lifecycle.
    • Lead a sub-discipline (cloud security, security operations, security automation, and security architecture) within the Engineering team.
    • Ensure that product development incorporates security into software and infrastructure in design, implementation, and verification.
    • Integrating open-source and commercial security tooling into our build and deployment pipelines (CI/CD) for core platform services and the applications built on platform services.
    • Identify security flaws and vulnerabilities in infrastructure and applications by performing periodic and release vulnerability scans.
    • Perform code reviews of applications and products.
    • Continuously review security bulletins and related news; stay apprised of current threats and trends.
    • Maintain, review, propose and implement security improvements to existing infrastructure, tools, and processes.
    • Validate findings, perform root cause analysis and deliver recommendations for fixes.
    • Build, maintain, and own InfoSec compliance efforts by implementing and enforcing appropriate processes and standards across the organization.

Desired Qualifications & Skill Sets:

    • Bachelor's Degree in Computer Science or equivalent with minimum 4 years of DevSecOps experience.
    • Minimum 3 years of vulnerability assessment experience in testing web applications, mobile applications (iOS and Android), and cloud network infrastructure.
    • Deep understanding of security vulnerabilities and mitigations, and an ability to model threats and risks for a large, complex system.
    • Advanced knowledge and understanding of security engineering, system, and network security, authentication and security protocols, cryptography, or application security.
    • Offensive Security Certified Professional (OSCP) certification.
    • Good understanding of cloud infrastructure and platforms such as AWS.
    • Hands-on experience and extensive knowledge of security assurance tools such as Qualys, Snyk, SonarQube, BurpSuite, Cobaltstrike, Nessus, Metasploit, Accunetix, ZAP, etc. and their integration into the CI/CD cycle.
    • In-depth understanding of OWASP, CIS Benchmarks, CVE Database, SANS Security Checklist, etc.
    • Able to read and understand popular programming languages (Java, Python, Golang, Node.js, Javascript, etc.) and identify security weaknesses.
    • Must have good scripting knowledge in languages such as Python, Go, and/or JavaScript to automate repetitive tasks.

Our culture & accolades

As an organization, it’s our priority to create a highly engaging and rewarding workplace. We offer tons of awesome perks and many opportunities for growth.

Our culture reflects our employee's globally diverse backgrounds along with our commitment to our customers, and each other, and a passion for excellence. We live up to our values, DAB, Delight your customers, Act as a Founder, and Better Together.

To know more about us, feel free to go through these videos:  
1. Culture 

Follow us here → LinkedIn, Twitter, Youtube.

Mindtickle is proud to be an Equal Opportunity Employer.

All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, national origin, disability, protected veteran status, or any other characteristic protected by law.

Your Right to Work - In compliance with applicable laws, all persons hired will be required to verify identity and eligibility to work in the respective work locations and to complete the required employment eligibility verification document form upon hire.