Dijination LLC

DevSecOps Engineer

Job Overview:

We are seeking a highly skilled and experienced Senior DevSecOps Engineer to join our dynamic team. In this role, you will be responsible for integrating security practices into DevOps processes to ensure the deployment of secure, high-quality IT infrastructure. You will work closely with global and local development teams, manufacturing operations teams, and security teams to implement and maintain security measures across our CI/CD pipelines, automate security testing, and monitor systems for vulnerabilities. You will work closely with business to understand stakeholder requirements and act in accordance with the agile methodology principles.

Key Responsibilities:

• Integrate security practices into the DevOps lifecycle, from development to deployment and operations.
• Design, implement, and manage secure CI/CD pipelines, ensuring automated security testing at every stage.
• Design, implement, and maintain Microsoft Azure hybrid infrastructure, including integration with on-premises environments
• Enforce infrastructure-as-code (IaC) governance using tools such as Azure Policy, Azure Blueprints, and Gatekeeper
• Support CNF (Cloud-Native Functions) deployments on Azure and on-prem platforms, ensuring performance and scalability.
• Develop and enforce security policies and procedures for infrastructure as code (IaC) and configuration management.
• Perform regular security assessments, vulnerability scanning, and penetration testing to identify and mitigate risks.
• Collaborate with development and operations teams to ensure secure coding practices and secure deployment configurations.
• Implement and maintain security monitoring and incident response systems to detect and respond to threats in real-time.
• Provide guidance and training to development and operations teams on security best practices and emerging threats.
• Stay up-to-date with the latest security trends, tools, and technologies, and proactively implement improvements.
• Lead and mentor junior DevSecOps engineers, fostering a culture of security awareness and continuous learning.
• Provide support to deployment projects and work with third party vendors.
• Analyze requirements to understand how the introduction of new features/ functions can impact the existing product.
• Drive innovation within the factory organization.

Qualifications:

• Bachelor's degree in Computer Science, Engineering, Information Technology, or a related field.
• Minimum of 7 years experience in Software development, Systems Admin, IT Support, Site Reliability (or Build & Release) Engineering, or Network/Test/QA/DBA roles.
• At least 3+ years in a DevOps or DevSecOps role
• Strong understanding of Azure hybrid cloud solutions, including Azure Arc, Azure Stack HCI, and hybrid networking
• Strong knowledge of security principles, practices, and technologies, including encryption, authentication, authorization, and network security.
• Proficiency with CI/CD tools such as Jenkins, GitLab, or Azure DevOps, and experience integrating security tools into CI/CD pipelines.
• Hands-on experience with security testing tools such as SAST, DAST, SCA, and penetration testing frameworks.
• Expertise in cloud platforms (AWS and Azure) and securing cloud infrastructure.
• Strong scripting and automation skills (Python, Bash, PowerShell, etc.)
• Experience with infrastructure automation tools (e.g., Terraform, ARM templates, Bicep)
• Familiarity with containerization (Docker) and orchestration (Kubernetes) security practices.
• Excellent problem-solving skills and the ability to work independently as well as part of a team.
• Strong communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
• Relevant certifications such as Azure Security Engineer Associate, Azure DevOps Engineer Expert, Azure Solutions Architect Expert are highly desirable.

Preferred Skills:

• Experience with infrastructure as code (IaC) tools such as Terraform or Ansible.
• Knowledge of regulatory compliance requirements and frameworks (e.g., GDPR).
• Background in software development with experience in secure coding practices.
• Familiarity with microservices architecture and securing APIs.
• Experience with log management and monitoring tools such as Checkmk, Nagios, ELK Stack, Splunk, or Prometheus.
• Knowledge of Zero Trust Architecture and implementation.

Job Types: Full-time, Contract

Work Location: In person