Incred Capital-Devsecops Engineer

Job Description:

Job Title: Senior DevSecOps Engineer

Experience: Minimum 5 yrs.+

Location: Mumbai

Reporting to: DevOps Team

Qualifications and Skills:

Graduation (with relevant IT certification)

Proven experience as an DevOps/Cloud Engineer with a proper hold on security concepts

In-depth knowledge of Cloud (AWS) environment, security architectures, and related best practices.

Hands-on experience with AWS Services like EC2, S3, RDS, Firewalls, intrusion detection/prevention systems i.e., IDS/IPS, VPN, and other security tools.

Strong analytical and problem-solving skills

Excellent communication and interpersonal abilities

Position Overview:

As a DevSecOps Engineer, you will play a crucial role in ensuring the integrity, confidentiality, and availability of our organization's cloud and on-prem infrastructure. This position involves designing, implementing, and maintaining robust solutions over cloud while proactively identifying and mitigating potential security threats. You will work closely with cross-functional teams to enhance our overall application performance, the organisation is fully-compliant and all the sensitive information/systems are well positioned for the growth.

Key Responsibilities:

Exposure in cloud security to design, implement, and maintain automated infrastructure deployments on cloud platforms (AWS)

To set up secure cloud environments using services like EC2, VPC, S3, RDS etc in scalable architectural patterns.

Can Implement and maintain cloud security best practices, including server hardening, vulnerability scanning, and patch management

Prior experience setting up CI/CD pipelines and have knowledge of a CSPM (Cloud Security Posture Mgmt) tools like AWS Security Hub/ SentinelOne/PrismaCloud or similar tool

Hands-on experience in handling and understanding Windows & Linux platforms

To work on remediating observations identified in security audits and vulnerability assessments.

Collaborate with teams to enforce security policies and ensure compliance with regulatory requirements of SEBI, NSE, BSE and CDSL

Should have sound knowledge of change, incident & problem management and also proactively involve in optimising existing processes.

GOOD TO HAVE

Assist in conducting Cyber Audit, System Audit, Patching of critical applications & timely completion of VAPT (Internal+ External)

Monitor network performance and ensure optimal operation through regular assessments.

Identify and resolve issues affecting network connectivity, latency, and bandwidth.

Have knowledge of mock BCP/DR for critical applications.

Hands-on experience in PAM solutions, Trading applications will be an added advantage

Configure and troubleshoot routers, switches, firewalls, and other network devices.

Contribute to the definition of procedures & Processes necessary for the scope of work.

Review necessary health check and monitoring reports and act appropriately.

Work closely with IT teams and other departments to integrate security measures into all aspects of the network.