AGM, DevSecOps

• Design, implement, and optimize secure CI/CD pipelines across hybrid environments (cloud/on-prem). 
• Operationalize DevSecOps frameworks with embedded controls for static/dynamic code analysis, secrets management, and runtime policy enforcement. 
• Implement Infrastructure as Code (IaC) practices using tools like Terraform, Ansible, CloudFormation. 
• Integrate cybersecurity tools and telemetry (e.g., SAST, DAST, SCA, EDR, vulnerability scanners) across the development lifecycle. 
• Govern DevOps platform tools (e.g., Jenkins, GitHub Actions, Azure DevOps, ArgoCD) with secure configurations and traceability. 
• Partner with cybersecurity teams to ensure regulatory alignment (IEC 62443, NIST CSF) via automated controls and compliance-as-code. 
• Enable release velocity and rollback confidence through blue-green deployments, canary testing, and automation QA. 
• Drive performance monitoring and incident response readiness through log aggregation, alerting, and dashboarding (e.g., Prometheus, Grafana, ELK). 
• Coach DevOps engineers, implement sprint KPIs, and lead tool evaluations for emerging automation and security tooling.  

Preferred Qualifications 

1. Education: 
   • Bachelor’s degree in Computer Science, Engineering, or a related technical discipline. 
   • Master’s degree preferred (in Cybersecurity, Systems Engineering, or DevOps Automation). 
2. Certifications (preferred): 
   • DevOps: Certified Jenkins Engineer, GitHub Actions, Azure DevOps Expert, or similar. 
   • IaC / Automation: HashiCorp Terraform Associate, Red Hat Ansible Automation. 
   • Security Tooling: Practitioner-level training in SAST/DAST/SCA/EDR (e.g., Aqua Security, Snyk, SonarQube). 
   • Cloud Security: AWS Security Specialty, Azure Security Engineer, or CCSP. 
   • Compliance: Awareness training in IEC 62443 or NIST CSF is desirable. 

Key Requirements 

• 8 + years of technology experience with strong focus on DevOps, cybersecurity integrations, and infrastructure automation. 
• Expertise in building and governing CI/CD pipelines and cloud-native deployment workflows. 
• Proven knowledge of tools such as Jenkins, GitHub Actions, ArgoCD, Terraform, Vault, and container security platforms. 
• Hands-on experience with security tools integration (e.g., Checkmarx, SonarQube, Aqua, Snyk, Prisma Cloud). 
• Familiarity with compliance and security frameworks (e.g., NIST, ISO 27001, IEC 62443) in OT/IT environments. 
• Experience working with OT/ICS environments or industrial networks is preferred. 
• Strong scripting and automation skills (Python, Shell, Go, etc.). 
• Ability to work in cross-functional, Agile-driven teams and mentor engineers in secure software delivery practices.