DevSecOps Engineer

March 23, 2026
Application ends: June 22, 2026
Job Description

About The Role:

Today, security and compliance responsibilities are distributed across the CTO and the DevOps/SRE team. As we scale to more regulated enterprise clients (banking, healthcare), we need a dedicated person who can:

– Be the single point of contact for all customer security queries, vendor assessments, and compliance questionnaires

– Own and drive audit cycles (SOC 2 Type 2, ISO 27001, HIPAA) with our audit partner.

– Proactively identify and fix security gaps in our cloud infrastructure before they show up in VAPT reports

– Bridge the gap between security and DevOps: someone who can write Kubernetes network policies as comfortably as they write SOC 2 control narratives

What You’ll Work On

Customer Security & Compliance (40%)

This is the most immediate and visible part of the job. Our enterprise customers (banks, healthcare providers, large enterprises) send detailed security questionnaires and conduct vendor risk assessments before and during engagements. You will be the person who owns these responses.

– Respond to customer security questionnaires (SIG, CAIQ, custom vendor assessments) with accurate, well-articulated answers. These cover encryption standards, data residency, access controls, incident response, business continuity, third-party risk, and AI-specific security, typically 100-250 questions per assessment.

– Handle live security calls and presentations with customer CISOs and security teams. You should be able to explain our architecture, security controls, and compliance posture confidently to a technical audience.

– Manage audit cycles end-to-end: coordinate with CyberSapiens (our SOC 2 auditor), gather evidence, ensure controls are documented and operating, track remediation of findings, and deliver clean reports.

– Maintain and evolve compliance documentation: security policies, SOA (Statement of Applicability), risk registers, VAPT remediation trackers, incident response plans, BCP/DR documentation.

– Drive certification transitions such as ISO 27001:2013 to ISO 27001:2022, and scope expansion for new compliance requirements (HIPAA for healthcare clients, UAE NESA/PDPL for regional requirements).

Cloud Security & Infrastructure Hardening (35%)

You won’t just write security documents; you’ll get your hands dirty in the infrastructure. Our stack runs on GKE and AKS clusters with MongoDB, Redis, and PostgreSQL databases, fronted by WAFs and load balancers.

– Kubernetes security: implement and enforce pod security standards, network policies, RBAC, container image scanning, registry controls, and secrets management. Review and harden Helm charts and deployment manifests.

– Cloud security posture management: audit and harden IAM policies across GCP and Azure, enforce least privilege, manage service account governance, and implement preventive guardrails.

– Network security: VPC architecture, firewall rules, IPsec VPN configurations for banking clients, private service endpoints, IP whitelisting, and SIP trunk security for voice infrastructure.

– SIEM and monitoring: manage and extend our Microsoft Sentinel deployment, create detection rules, set up alerting for security events, integrate log sources from both GCP and Azure environments.

– Vulnerability management: coordinate biannual VAPT engagements, triage and track findings (we’ve dealt with SSRF, credential exposure, and similar issues), own the remediation pipeline, and verify fixes.
