Responsibilities:

1. Security Integration:

   • Collaborate with development and operations teams to integrate security practices seamlessly into the DevOps pipeline.
   • Implement security controls at every stage of the development process.

2. Automation:

   • Develop and maintain automation scripts and tools for security-related processes.
   • Implement continuous integration and continuous deployment (CI/CD) pipelines with a focus on security.

3. Vulnerability Management:

   • Conduct regular security assessments, identify vulnerabilities, and provide recommendations for remediation.
   • Stay abreast of industry best practices and emerging threats to ensure proactive vulnerability management.

4. Incident Response:

   • Develop and maintain an incident response plan, and participate in security incident investigations.
   • Collaborate with cross-functional teams to implement corrective actions in response to security incidents.

5. Security Compliance:

   • Ensure compliance with industry standards, regulatory requirements, and internal security policies.
   • Conduct regular audits to verify adherence to security controls.

6. Training and Awareness:

   • Provide security training and awareness programs for development and operations teams.
   • Act as a subject matter expert on security best practices.

Qualifications:

1. Bachelor's degree in Computer Science, Information Technology, or a related field.
2. Proven experience as a DevSecOps Engineer or similar role.
3. Strong knowledge of security best practices and principles.
4. Experience with cloud platforms (e.g., AWS, Azure, GCP) and containerization technologies.
5. Proficiency in scripting and programming languages (e.g., Python, Shell, Ruby).
6. Familiarity with security tools and technologies (e.g., IDS/IPS, WAF, vulnerability scanners).
7. Excellent communication and collaboration skills.