- Design, implement, and maintain Azure-based infrastructure using Terraform for scalability, reliability, and security.
- Implement security controls and best practices to ensure compliance with industry standards and regulations.
- Conduct regular security assessments, vulnerability scans, and penetration tests to identify and remediate security risks.
- Integrate security into the software development lifecycle (SDLC) by implementing secure coding practices, static code analysis, and dependency scanning.
- Conduct security reviews of code changes and architecture designs to identify and address security vulnerabilities early in the development process.
- Provide guidance and training to development teams on secure coding practices and security awareness.
- Ensure compliance with relevant regulatory requirements, industry standards, and security frameworks (e.g. GDPR, PCI DSS, ISO
- Conduct risk assessments and develop risk mitigation strategies to protect sensitive data and systems from security threats.
- Develop and maintain incident response plans and procedures to effectively respond to and mitigate security incidents.
- Conduct forensic investigations and root cause analysis of security incidents to identify the underlying causes and prevent recurrence.
- Implement automation and orchestration solutions to streamline security operations and improve incident response capabilities.
- Integrate security tools and technologies into the CI/CD pipeline to automate security testing and validation processes.
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field.
- Minimum of 5+ years of hands-on experience in software development, DevOps, and security.
- Experience in SaaS companies is a must.
- Strong understanding of cloud security principles and best practices, particularly in Azure environments.
- Proficiency in infrastructure as code (IaC) tools like Terraform for automating security controls.
- Familiarity with security testing tools and techniques, such as penetration testing, code review, and vulnerability scanning.
- Knowledge of security frameworks and standards, such as NIST Cybersecurity Framework, CIS Controls, and OWASP Top 10.
- Excellent communication skills and the ability to collaborate effectively with cross-functional teams.
- Experience in multi cloud systems in desired and Azure is a must.
DevSecOps Lead - Bangalore, India - Stealth Startup
Description
ABOUT US :
We are an early stage SaaS platform headquartered in Bangalore, with strategic offices in key global financial services hubs.
We are committed to revolutionizing the financial industry by empowering both established players and emerging fintech innovators to deliver exceptional financial products to their customers.
Our cloud-native, cutting-edge platform is designed to serve financial institutions of all sizes, offering rapid time-to-market, best-in-class security measures, and substantial cost savings.
Here, we embody the values of Speed, Efficiency, and Innovation, proudly representing a future-proof, AI-driven platform made and scaled in India.
MISSION :
Our mission is to provide strategic financial guidance, data-driven insights, and financial planning that empowers our users to make informed decisions, drive growth, and achieve financial success.
As a DevSecOps Lead, you will play a crucial role in enhancing our platform's reliability, scalability, efficiency, and security.
Responsibilities :
Infrastructure Management and Security :
)