Engineering

DevSecOps Engineer (Remote)

Preferable Location(s): Colombo, Sri Lanka
Work Type: Full Time
Job Summary:
As a DevSecOps Engineer, you will be responsible for incorporating security into all stages of the software development lifecycle. You will leverage your expertise in JFrog Artifactory, Xray, and other tools to implement best practices, automate processes, and maintain a secure and scalable infrastructure.

Key Responsibilities:

    •    Artifact Management: Manage and maintain JFrog Artifactory for efficient storage and distribution of binaries, libraries, and packages across the development teams.
    •    Security Scanning: Utilize JFrog Xray for continuous scanning of binaries and dependencies to identify vulnerabilities and enforce compliance policies.
    •    CI/CD Integration: Integrate security controls into CI/CD pipelines using tools like Jenkins, GitLab CI, or Azure DevOps to ensure secure code deployment.
    •    Infrastructure Automation: Automate infrastructure provisioning, configuration management, and deployment using tools such as Terraform, Ansible, or Kubernetes.
    •    Monitoring & Logging: Implement security monitoring and logging practices to detect and respond to incidents using tools like ELK Stack, Prometheus, or Grafana.
    •    Access Control: Implement role-based access controls (RBAC) and ensure secure authentication/authorization for tools and applications.
    •    Cloud Security: Collaborate with cloud teams to implement security best practices on AWS, Azure, or GCP environments.
    •    Compliance: Ensure compliance with industry standards (e.g., ISO 27001, SOC 2, GDPR) and assist in audits and assessments.
    •    Collaboration: Work closely with development, operations, and security teams to promote DevSecOps culture and awareness.

Qualifications:

    •    Experience: 3+ years of experience in a DevSecOps, DevOps, or Security Engineer role.
    •    Technical Skills:
    •    Proficient in JFrog Artifactory and Xray.
    •    Strong experience with CI/CD tools (e.g., Jenkins, GitLab CI, Azure DevOps).
    •    Familiar with scripting languages (e.g., Python, Bash, or Groovy).
    •    Hands-on experience with infrastructure-as-code tools (e.g., Terraform, Ansible, or CloudFormation).
    •    Knowledge of containerization and orchestration tools (e.g., Docker, Kubernetes).
    •    Experience with monitoring and logging tools (e.g., ELK Stack, Prometheus, Grafana).
    •    Familiarity with cloud platforms (AWS, Azure, GCP) and cloud security practices.
    •    Security Knowledge: Understanding of security principles, vulnerability scanning, and remediation techniques.
    •    Soft Skills: Strong problem-solving skills, attention to detail, and ability to work in a collaborative, fast-paced environment.
    •    Certifications (preferred): AWS Certified DevOps Engineer, Certified Kubernetes Security Specialist (CKS), or similar.

Submit Your Application

You have successfully applied
  • You have errors in applying