DevOps EngineerHitya Globalfull-timeRequired skillsPythonpenetration testingSIEMPCI-DSSAWSautomation toolsBashCICloudFormationcompliancecross-functionalDevOpsDockerforecastingGitHubJenkinsKubernetesTerraformVaultAbout the role Hitya Global Website: hityaglobal.in Job details: Job Description Integrate Security : Embed security testing, reviews, and best practices into all phases of the development lifecycle Automate Security Processes : Design, implement, and maintain security automation tools (e.g., SAST, DAST, SCA, secrets scanning) within the CI/CD pipelines to detect vulnerabilities early and efficiently. Conduct Assessments and Testing : Perform regular vulnerability assessments, threat modelling ,and penetration testing on applications and infrastructure to identify and mitigate risks. Manage Infrastructure as Code (IaC) Security : Ensure secure configuration and management of cloud and on-premise infrastructure using IaC tools like Terraform or CloudFormation. Monitor and Respond to Incidents : Set up and manage security monitoring and observability solutions (e.g., SIEM, ELK stack, and Grafana) to detect and respond to security incidents in real-time. Ensure Compliance : Work with compliance teams to implement and enforce security policies and regulatory standards (e.g., GDPR, HIPAA, PCI DSS, and SOC 2). Collaborate and Educate : Foster a security-aware culture by collaborating with cross-functional teams and providing guidance and training on secure coding practices and emerging threats.Required Experience : Proven experience in a DevSecOps, DevOps, or a related cybersecurity role (typically 4+ years, more for senior positions).Technical Proficiency CI/CD Tools : Jenkins, GitLab CI, GitHub Actions. Cloud Platforms : Deep understanding of security on AWS. Scripting/Programming : Proficiency in languages like Python, Bash, Shell, or Go for automation and custom tool development. IaC and Containerisation : Experience with Docker, Kubernetes, and Terraform. Security Tools : Familiarity with vulnerability scanning, static/dynamic analysis, and secrets management tools (e.g., SonarQube, Snyk, HashiCorp Vault, and OWASP ZAP). Experience with AI/ML-based security tools for threat detection and risk forecasting.Hard Requirements (All Mandatory)Core Experience Security in Production : Has actually fixed security vulnerabilities in live systems handling real user data at scale AWS Security : Hands-on with IAM, Security Groups, KMS, Secrets Manager (not just theoretical) CI/CD Security : Integrated security scanning in pipelines (not just built pipelines) Compliance : Worked on ISO 27001, SOC 2, or PCI-DSS implementation (not just awareness)Key Points MUST have experience in handling 5k+ concurrent requests MUST have prepared company for ISO/SOC 2 successfully MUST have async/real-time experience(ref:hirist.tech) Click on Apply to know more. This page is fully interactive when JavaScript is enabled. Please enable JavaScript to apply or browse related roles.