Tech Stack
Ansible, AWS, Azure, Cloud, Google Cloud Platform, Groovy, Jenkins, Kubernetes, OpenShift, Python, Terraform
About the role
- Integrate security best practices into CI/CD pipelines and production deployments across the software development lifecycle.
- Configure, implement, and manage security tools and automation in CI/CD pipelines to detect vulnerabilities early.
- Use SAST and DAST tools to automate security testing for code and applications; monitor scans, report findings, and recommend remediation.
- Continuously enhance and automate security processes to deliver secure software efficiently while minimizing manual intervention.
- Collaborate closely with architecture, development, and operations teams to make security a shared responsibility.
Requirements
- 3+ years of experience in DevOps or a similar role focused on integrating security into CI/CD processes.
- Proven experience implementing and configuring security tools such as SAST, DAST, and other automation tools.
- Strong hands-on experience with CI/CD tools and languages (e.g., Jenkins, Groovy, Git, Python, Bash) for pipeline automation.
- Proficiency in cloud-native deployments and management (e.g., Helm, Kustomize), Kubernetes objects, and cluster debugging.
- Familiarity with Infrastructure as Code (IaC) tools like Terraform and Ansible.
- Knowledge of CIS benchmark recommendations and system hardening practices.
- In-depth knowledge of security vulnerabilities (e.g., OWASP Top 10) and mitigation best practices.
- Experience with vulnerability scanning and static and dynamic application security testing tools (e.g., SonarQube, Checkmarx, OWASP ZAP, Coverity, Lint).
- Familiarity with on-premises cloud platforms (e.g., OpenShift, Tanzu) and public cloud platforms (AWS, Azure, GCP) and their security configurations.
- Strong communication skills, a problem-solving mindset, and a proactive, collaborative approach to fostering a security-first mindset.