DevOps Engineer

Location: Bengaluru, India

Department: Infrastructure

Experience: 4+ years

• Collaborate with development, operations, and security teams to embed security protocols into the DevOps lifecycle.
• Design, implement, and manage security frameworks, ensuring continuous monitoring and incident response capabilities.
• Develop and maintain CI/CD pipelines that incorporate security testing, vulnerability scanning, and risk assessments.
• Manage and enhance the cloud infrastructure (AWS, Azure, GCP) security, ensuring compliance with industry standards (e.g., ISO 27001, PCI-DSS, SOC2).
• Automate and enforce security policies, configurations, and updates across the infrastructure.
• Conduct regular security audits, penetration tests, and system vulnerability assessments.
• Provide insights and recommendations for security risk mitigation and implement security best practices across the development process.
• Respond to and mitigate security incidents in a timely manner.

• At least 4 years of experience in DevOps
• Strong knowledge of CI/CD tools (Jenkins, GitLab CI/CD, etc.) and infrastructure-as-code (Terraform, Ansible, etc.).
• Expertise in cloud platforms (AWS, GCP, Azure) with a focus on security configurations, identity management, and monitoring.
• Experience with container security (Docker, Kubernetes) and orchestration security.
• Familiarity with security frameworks (OWASP, NIST, etc.) and compliance standards (ISO 27001, PCI-DSS).
• Proficiency in scripting (Python, Bash, etc.) for automation and security process enhancement.
• Strong understanding of vulnerability management tools (e.g., Nessus, Qualys) and security incident response protocols.
• Proficiency in SonarQube,Trivy, Wazuh, OWASP ZAP
• Ability to work in fast-paced startup environments, demonstrating agility and adaptability.

• Certifications such as AWS Certified Security, Certified Information Systems Security Professional (CISSP), or similar.
• Prior experience in fintech or B2B SaaS companies.
• Experience with SOC2 or ISO 27001 implementation and audits.
• Strong knowledge in Aqua Security, Anchore, Checkov, Clair, Twistlock (Prisma Cloud), Snyk, Nessus, Falco, Tenable.io, Sysdig

• Own and scale cloud infrastructure and CI/CD systems end-to-end
• Work on high-scale fintech systems with real-world impact
• High ownership - build, automate, and improve systems from the ground up
• Collaborate with strong engineering teams in a fast-paced, execution-driven environment