Sr. DevSecOps Engineer

We are looking for a Senior DevSecOps Engineer who will lead our cybersecurity, infrastructure automation, and DevSecOps practices as we transition into a secure, scalable, and modern engineering environment. This role is responsible for strengthening 2Bases security posture, modernizing our pipelines, and guiding the team towards a secure-by-design culture. You will work closely with engineering, product, and leadership teams to ensure that our systems, applications, and cloud environments are secure, reliable, and future-ready.

Key Responsibilities

• Define, implement, and enforce security standards, policies, and best practices across cloud and on-prem environments.
• Conduct security risk assessments, perform vulnerability scans, coordinate penetration testing activities, and execute mitigation plans.
• Architect, maintain, and enhance secure CI/CD pipelines with automated compliance and governance checkpoints.
• Promote and uphold a strong Security First culture across engineering, ensuring secure design and development practices.
• Continuously monitor, detect, investigate, and respond to security threats, incidents, breaches, and anomalies.
• Develop, own, and mature Infrastructure-as-Code practices using Terraform, Ansible, and other automation frameworks.
• Design and lead secure cloud architectures across AWS, Azure, or GCP to support scalable and compliant deployments.
• Build, operate, and secure containerized environments using Docker and Kubernetes with enforced security baselines.
• Implement and maintain secure monitoring, logging, SIEM, and alerting systems for infrastructure and application layers.
• Improve and optimize system reliability, scalability, performance, and fault tolerance across all critical workloads.
• Mentor, guide, and upskill DevOps engineers in secure development, automation, and operational excellence.
• Lead technical strategy, decision-making, tool selection, process improvements, and DevSecOps roadmap execution.
• Collaborate closely with BA, PM, and Engineering teams to ensure security, performance, and delivery objectives align with organizational goals.

Required Skills & Experience

• 48 years of experience in DevOps, Cloud, or Infrastructure engineering with strong security exposure.
• Hands-on experience with CI/CD tools such as Jenkins, GitLab CI, or GitHub Actions.
• Strong expertise in AWS, Azure, or GCP cloud platforms with a focus on secure architecture.
• Proficiency in Infrastructure-as-Code using Terraform , Ansible , or similar tools.
• Experience securing and managing Docker and Kubernetes environments.
• Strong understanding of networking technologies: LAN/WAN, firewalls, VPN, load balancers .
• Knowledge of security frameworks and standards (OWASP, NIST, CIS Benchmarks).
• Experience with monitoring and logging tools (Prometheus, Grafana, ELK, CloudWatch, SIEM solutions).
• Strong scripting skills (Python, Bash, Shell).
• Excellent troubleshooting, analytical, and problem-solving skills.
• Strong communication and collaboration skills with the ability to influence engineering teams.

Preferred Qualifications (Good to Have)

• Diploma / Degree / B.Tech in IT, CS, MCA
• Experience in SOC operations or exposure to SIEM and SOAR tools.
• Relevant certifications such as:

1. AWS Security/DevOps Engineer Professional

2. Certified Kubernetes Security Specialist (CKS)

3. CEH, CompTIA Security+, or equivalent.