Security Engineer
Lorven Technologies Inc.
2 - 5 years
Chennai
Posted: 26/02/2026
Job Description
ROLE DETAILS
Title: DevSecOps Contractor (Security Engineer)
Location: Remote / Onsite (as business needs dictate)
Primary Tools: GitLab Ultimate, Docker/Kubernetes, Terraform/Ansible, SonarQube, BlackDuck or Nexus Lifecycle (SCA), Snyk or Trivy, OWASP ZAP
ROLE OVERVIEW
Drive security-by-design across GitLab CI/CD and enforce guardrails that ensure application security, compliance, and reliable delivery. The role covers vulnerability management, pipeline security, standardized secure SDLC practices, transition planning from legacy tools to GitLab-native capabilities, and close collaboration with InfoSec, Cloud Platform, and Product teams.
KEY RESPONSIBILITIES
- Pipeline Security & Automation
- Implement and maintain automated SAST, DAST, SCA, container scanning, and secret detection in GitLab CI/CD
- Enforce policy-as-code: branch protection, MR approvals, vulnerability gates, artifact signing
- Vulnerability Management
- Run periodic assessments and secure code reviews; triage findings; publish remediation plans; track SLAs to closure
- Coordinate with product management and engineering to prioritize fixes
- Compliance & Governance
- Align controls and evidence with CIS, NIST, and (where applicable) GDPR
- Enable audit-ready reporting and SBOM generation; integrate security KPIs into observability dashboards
- Infrastructure & Cloud Security
- Implement secure IaC (Terraform/Ansible/CloudFormation); apply least-privilege and zero-trust patterns
- Harden build runners, container images, registries, and deployment targets
- Enablement & Culture
- Champion shift-left security via playbooks, training, and standard toolchains
- Document security runbooks; contribute to SDLC harmonization standards
MUST-HAVE QUALIFICATIONS
Hands-on expertise with GitLab Ultimate security features and CI/CD administration
Proven experience embedding SAST/DAST/SCA into pipelines and gating releases on risk thresholds
Direct exposure to SCA tools (e.g., BlackDuck, Nexus Lifecycle/OSS Index, Snyk) and code quality (SonarQube)
Strong scripting/automation (Python, Bash, YAML)
Container & cloud security fundamentals (Docker/Kubernetes, registry hardening, image scanning, runtime policies)
Threat modeling, risk assessment, and remediation planning
PREFERRED / NICE-TO-HAVE
Certifications: DevSecOps Professional, CKS, Security+, or similar
IaC security experience (Terraform + OPA/Conftest/Checkov)
Supply-chain security: SBOM practices and artifact signing (Cosign), familiarity with SLSA
Familiarity with DORA metrics and security KPI reporting