Cloud DevSecOps Engineer

Synechron

الوصف الوظيفي

الأدوار والمسؤوليات

الملف الشخصي المطلوب للمرشحين

Job Summary:

Synechron is seeking an experienced Cloud DevSecOps Engineer to embed security into cloud delivery pipelines and operational workflows. This role will focus on enabling secure, automated, and scalable cloud deployments within a shared responsibility model. The successful candidate will develop and maintain secure CI/CD pipelines, integrate security controls, and support cloud automation initiatives. This position plays a key role in ensuring that security and operational excellence are integral to our cloud transformation efforts, contributing to reliable and compliant cloud environments that support our business objectives.

Software Requirements:

• Required:
• Git and GitHub/GitLab (version control and peer review workflows)
• Infrastructure-as-Code tools (Terraform, Bicep, ARM templates)
• CI/CD tools (Azure DevOps, Jenkins, GitHub Actions)
• Security tools (Static Application Security Testing SAST, Dynamic Application Security Testing DAST, IaC scanning tools such as Checkov or tfsec)
• Secrets management systems (Azure Key Vault, HashiCorp Vault)
• Preferred:
• Cloud security and compliance monitoring tools (Azure Security Center, AWS Security Hub)
• Container orchestration (Kubernetes, AKS)
• Configuration management tools (Ansible, Chef, Puppet)

Experience Requirements:

• 5 to 6 years of hands-on experience in cloud engineering and DevOps/SecOps roles
• Proven expertise in building and managing secure automation pipelines in cloud environments, especially Azure
• Deep understanding of CI/CD principles, GitOps, and infrastructure as code
• Experience integrating security controls such as code scans, IaC scans, secrets management, and compliance checks into automated workflows
• Industry experience in regulated sectors or enterprise-scale cloud deployments highly preferred
• Alternative pathways include extensive DevOps experience in other cloud providers coupled with strong Azure security proficiency

Day-to-Day Activities:

• Develop, implement, and optimise secure CI/CD pipelines aligned with best practices and governance standards
• Automate cloud infrastructure deployment using IaC, ensuring security and compliance are embedded from the start
• Conduct security assessments of pipelines, identify vulnerabilities, and implement mitigation strategies
• Collaborate with development teams for automation, migrations, and operational enhancements
• Participate in security reviews, continuous improvement initiatives, and incident troubleshooting sessions
• Maintain documentation of pipeline configurations, security controls, and deployment standards
• Regularly review pipeline practices to enhance reliability, security, and operational efficiency

Qualifications:

• Bachelor s degree in Computer Science, Information Technology, or related field; equivalent professional experience acceptable
• Certifications such as Certified DevSecOps Engineer, Azure Security Engineer Associate, or equivalents are preferred
• Formal training or certifications in cloud security, infrastructure as code, or related disciplines are advantageous
• Commitment to ongoing learning and staying current with DevSecOps best practices and cloud security advancements

Professional Competencies:

• Analytical mindset with strong problem-solving skills
• Leadership in advocating security best practices across teams
• Effective oral and written communication, with the ability to explain complex concepts clearly
• Collaborative team player with a proactive, accountable mindset
• Adaptability to evolving security threats, technologies, and operational requirements
• Innovation-driven approach to automating security and operational workflows
• Excellent time management, prioritizing tasks to meet project deadlines and operational needs