DevSecOps Engineer

Security Engineering & Vulnerability Management

• Identify, triage, and remediate vulnerabilities across applications, cloud environments, and infrastructure
• Integrate security testing into CI/CD pipelines (SAST, DAST, software composition analysis, container scanning)
• Detect and resolve cloud misconfigurations and security risks
• Enforce secure coding practices and shift-left security aligned with OWASP principles
• Support audit and compliance initiatives, including PCI-DSS and internal security reviews
• Implement and support secrets management and secure access controls (IAM, least privilege)
• Monitor applications, infrastructure, and pipelines for vulnerabilities and anomalies
• Drive patching, remediation, and infrastructure hardening efforts
• Collaborate with engineering teams on incident response, debugging, and root cause analysis

Test Automation & Quality Engineering

• Design, build, and maintain scalable automation frameworks for web, API, and backend systems
• Integrate automated tests into CI/CD pipelines to improve regression coverage and release confidence
• Support release validation and production readiness for digital platforms
• Develop supporting tools to improve test execution, reporting, and reliability
• Evaluate and conduct proof-of-concepts for emerging tools in security and automation
• Contribute to best practices, standards, and lightweight governance for engineering tools
• Promote knowledge sharing, documentation, and cross-team collaboration