DvSecOps Engineer

This role is for one of the Weekday's clients

Salary range: Rs 3500000 - Rs 4000000 (ie INR 35-40 LPA)

Min Experience: 4 years

Location: Bangalore

JobType: full-time

As we expand into highly regulated enterprise segments such as banking and healthcare, we are looking for a dedicated DevSecOps Engineer to take ownership of security, compliance, and cloud infrastructure hardening.

Currently, security responsibilities are distributed across engineering leadership and DevOps/SRE teams. This role will centralize accountability by serving as the single point of contact for customer security, compliance audits, and proactive infrastructure security initiatives.

This is a hands-on, hybrid role that blends compliance ownership with deep technical execution. You should be as comfortable writing Kubernetes network policies as you are drafting SOC 2 control documentation.

Key Responsibilities

1. Customer Security & Compliance (40%)

You will own all customer-facing security and compliance interactions, particularly with enterprise clients.

• Serve as the primary point of contact for customer security questionnaires (SIG, CAIQ, and custom vendor assessments).
• Respond to detailed assessments covering encryption, data residency, IAM, incident response, BCP/DR, third-party risk, and AI-specific controls (100–250+ questions per cycle).
• Lead live security discussions and presentations with CISOs and enterprise security teams.
• Own audit cycles end-to-end (SOC 2 Type 2, ISO 27001, HIPAA), including:
• Evidence collection
• Control documentation
• Remediation tracking
• Coordination with external auditors
• Maintain and enhance compliance artifacts such as:
• Security policies
• Statement of Applicability (SOA)
• Risk registers
• VAPT remediation trackers
• Incident response plans
• Business continuity and disaster recovery documentation
• Drive certification transitions and scope expansion for new regulatory frameworks.

2. Cloud Security & Infrastructure Hardening (35%)

This is a deeply technical function focused on proactive security improvements.

• Harden Kubernetes environments (GKE/AKS):
• Pod security standards
• Network policies
• RBAC
• Image scanning
• Registry controls
• Secrets management
• Helm chart and deployment manifest reviews
• Strengthen cloud security posture across GCP and Azure:
• IAM audits and least privilege enforcement
• Service account governance
• Preventive guardrails
• Enhance network security architecture:
• VPC design
• Firewall rules
• IPSEC VPN configurations
• Private service endpoints
• IP whitelisting
• Voice/SIP infrastructure security
• Manage and extend SIEM deployments (Microsoft Sentinel):
• Detection rules
• Alerting workflows
• Cross-cloud log integration
• Lead vulnerability management:
• Coordinate VAPT engagements
• Triage and track findings
• Own remediation pipelines
• Verify fixes
• Optimize security tooling and logging costs while maintaining compliance standards.

3. DevOps & Engineering Collaboration (25%)

This role works embedded within DevOps/SRE, not as an isolated security function.

• Secure CI/CD pipelines:
• Integrate SAST, SCA, and container scanning
• Deepen SonarQube integration
• Review Infrastructure-as-Code (Terraform/Helm) for security misconfigurations pre-production.
• Participate in security incident response and post-mortems.
• Maintain and test disaster recovery and business continuity processes across multi-region infrastructure.
• Manage endpoint and access security:
• MDM policies
• SSO/MFA enforcement
• Privileged access management

What We’re Looking For

• Strong hands-on experience in DevOps and cloud infrastructure (Azure, GCP).
• Deep knowledge of Kubernetes security and cloud IAM models.
• Experience managing SOC 2, ISO 27001, HIPAA, or similar audit frameworks.
• Ability to confidently engage enterprise security stakeholders.
• Strong documentation skills paired with practical engineering execution.
• Experience with SIEM tools, vulnerability management, and CI/CD security integrations.
• High ownership mindset and proactive risk identification capability.

Core Skills

DevOps | Azure DevOps | Cloud Security | Kubernetes Security | Compliance & Audit Management | Infrastructure Hardening | CI/CD Security | IAM & Access Governance