Security Automation Engineer

Job Overview :

We are looking for a highly skilled Security Automation Engineer to embed security across the CI/CD pipeline and automate security controls within cloud and containerized environments. The ideal candidate will have strong experience in DevOps, cloud infrastructure, and security automation to ensure secure, scalable, and compliant application delivery.

Key Responsibilities:

• Integrate security practices into CI/CD pipelines (DevSecOps).
• Automate security testing including SAST, DAST, SCA, and container scanning.
• Design and implement secure CI/CD pipelines using tools like Jenkins, GitHub Actions, GitLab CI, or Azure DevOps.
• Implement and manage cloud security controls across AWS, Azure, or GCP.
• Automate infrastructure security using IaC tools (Terraform, CloudFormation).
• Manage secrets, certificates, and credentials using secure vault solutions.
• Secure container platforms (Docker, Kubernetes) and service meshes.
• Monitor, detect, and respond to security incidents and vulnerabilities.
• Collaborate with DevOps, development, and security teams to enforce security best practices.
• Ensure compliance with industry standards (ISO 27001, SOC 2, PCI-DSS, etc.).

Required Skills & Qualifications :

• Bachelors degree in Computer Science, Cybersecurity, or related field.
• 3+ years of experience in DevOps, Security Engineering, or DevSecOps .
• Strong knowledge of CI/CD pipelines and automation frameworks .
• Hands-on experience with security scanning tools (SonarQube, Checkmarx, Snyk, OWASP ZAP, Trivy).
• Experience with cloud platforms (AWS / Azure / GCP).
• Strong understanding of container security and Kubernetes security best practices.
• Experience with IAM, RBAC, OAuth, and Zero Trust architectures .
• Scripting skills in Python, Bash, or PowerShell .
• Knowledge of vulnerability management and incident response.

Tools & Technologies (Preferred):

• CI/CD: Jenkins, GitLab CI, GitHub Actions, Azure DevOps
• Cloud Security: AWS Security Hub, Azure Defender, GCP Security Command Center
• IaC & Automation: Terraform, Ansible
• Containers: Docker, Kubernetes, Helm
• Secrets Management: HashiCorp Vault, AWS Secrets Manager
• Monitoring & SIEM: Splunk, ELK, Datadog

Certifications (Nice to Have):

• AWS Certified Security Specialty
• Certified Kubernetes Security Specialist (CKS)
• CEH / CISSP / Security+
• DevSecOps Foundation Certification

What We Offer:

• Competitive compensation and growth opportunities
• Work on security-first cloud-native architectures
• Learning and certification support
• Collaborative, fast-paced engineering environment