Senior Staff Engineer (AI Developer - DevSecOps Tools)

We're Nagarro.

We are a Digital Product Engineering company that is scaling in a big way! We build products, services, and experiences that inspire, excite, and delight. We work at a scale — across all devices and digital mediums, and our people exist everywhere in the world (18500+ experts across 40 countries, to be exact). Our work culture is dynamic and non-hierarchical. We are looking for great new colleagues. That is where you come in!

Requirements

• Experience : 7.5+ years
• Strong software engineering experience with good hands-on experience developing AI/ML or security automation solutions.
• Strong programming expertise in Python with hands-on experience using libraries such as Scikit-learn, PyTorch, Pandas, and NumPy.
• Experience developing AI-powered applications involving machine learning, large language models (LLMs), automation, or intelligent workflows.
• Strong understanding of DevSecOps practices and hands-on experience with security tools including SAST, SCA, secrets detection, IaC scanning (Checkov, Terrascan), and container image scanning (Trivy).
• Experience integrating security automation into CI/CD platforms such as Azure DevOps, GitHub Actions, Jenkins, or GitLab CI.
• Hands-on experience with Docker, Kubernetes (AKS/EKS preferred), and container security best practices.
• Working knowledge of policy-as-code frameworks such as OPA/Rego and Kubernetes security enforcement.
• Experience with LLM APIs including Azure OpenAI or OpenAI, along with prompt engineering, Retrieval-Augmented Generation (RAG), and AI-assisted code analysis.
• Experience building REST APIs and microservices using FastAPI or Flask.
• Familiarity with cloud platforms such as Microsoft Azure, AWS, or Google Cloud Platform and cloud-native security concepts.
• Knowledge of Infrastructure-as-Code technologies including Terraform, ARM templates, and Helm.
• Experience with secrets management solutions such as HashiCorp Vault or Azure Key Vault.
• Understanding of MLOps practices, model deployment, monitoring, drift detection, and CI/CD for machine learning solutions.
• Experience working with event-driven architectures and messaging platforms such as Azure Event Hub, AWS EventBridge, or Google Cloud Pub/Sub.
• Familiarity with cloud security platforms such as Prisma Cloud, Wiz, Aqua Security, or Snyk is an advantage.
• Exposure to LangChain, Semantic Kernel, AutoGen, or similar AI orchestration frameworks is desirable.
• Knowledge of GitOps tools such as ArgoCD or Flux and policy frameworks including HashiCorp Sentinel or Cedar is preferred.
• Experience integrating security tools with platforms such as Jira, ServiceNow, or Azure Sentinel SOAR is an added advantage.
• Strong analytical, troubleshooting, and problem-solving skills with the ability to develop scalable and secure enterprise solutions.
• Excellent communication and collaboration skills with experience working in Agile and cross-functional development environments.
• Bachelor's degree in Computer Science, Information Technology, Engineering, MCA, or a related field.
• Security certifications such as CompTIA Security+, CEH, CKS, SC-200, or cloud security certifications (AZ-900, AWS Security Specialty, GCP Professional Cloud Security Engineer) are desirable.

Responsibilities

• Design, develop, and maintain AI-powered automation solutions that integrate security into CI/CD pipelines and the software development lifecycle.
• Build intelligent security automation for CI/CD platforms such as Azure DevOps, GitHub Actions, Jenkins, and GitLab CI, implementing policy-as-code, security gates, and pre-merge vulnerability checks.
• Develop machine learning models to detect pipeline anomalies, including suspicious code commits, dependency changes, and build integrity violations.
• Build and enhance LLM-powered remediation assistants for Infrastructure-as-Code (IaC) using Terraform, ARM templates, Helm charts, Checkov, and Terrascan.
• Develop Retrieval-Augmented Generation (RAG) pipelines leveraging internal security policies, compliance standards, and hardening guidelines to provide contextual remediation recommendations.
• Design and implement agentic AI workflows that orchestrate multiple security tools, consolidate scan results, prioritize findings, and automate ticket creation.
• Develop NLP-based solutions to parse, classify, summarize, and analyze security scan outputs across diverse tools and report formats.
• Build scalable RESTful APIs and microservices using FastAPI or Flask to expose AI-powered DevSecOps capabilities.
• Develop integrations between security platforms, enterprise SIEM/SOAR solutions, ticketing systems, and developer platforms.
• Automate container and Kubernetes security workflows, including image scanning, runtime security monitoring, and policy enforcement using OPA/Gatekeeper.
• Build event-driven automation pipelines leveraging cloud-native messaging services for real-time security event processing.
• Develop dashboards and reporting solutions to monitor security posture, remediation metrics, SLA compliance, and pipeline health.
• Write unit tests, integration tests, and participate in peer code reviews to ensure code quality and reliability.
• Monitor deployed AI models and automation services, implement model performance monitoring, drift detection, and automated retraining processes.
• Maintain CI/CD pipelines for AI model deployment using MLOps platforms such as Azure ML, MLflow, or equivalent technologies.
• Prepare technical documentation including API specifications, architecture diagrams, integration patterns, operational runbooks, and data models.
• Collaborate with engineering, DevSecOps, cloud, and security teams to continuously improve automation reliability, security coverage, and developer experience.

Bachelor’s or master’s degree in computer science, Information Technology, or a related field.