About the Role

As a DevSecOps Staff Engineer at Forbes Advisor in Chennai, TN, you will play a crucial role in integrating security throughout our DevOps practices. This involves designing and implementing secure CI/CD pipelines, building and automating secure cloud infrastructure, and ensuring compliance across development, operations, and security teams.

Responsibilities

• Design, build, and maintain secure CI/CD pipelines using DevSecOps principles to enhance automation and minimize manual intervention.
• Integrate security tools such as SAST, DAST, and SCA into pipelines for automated application building, testing, securing, and deployment.
• Implement robust security controls for cloud platforms like AWS and GCP, focusing on IAM, container security (EKS/ECS), and data encryption for services (e.g., S3, BigQuery).
• Automate vulnerability scanning, monitoring, and compliance processes in collaboration with DevOps and Development teams to mitigate risks in deployment pipelines.
• Propose architecture and process improvements to enhance overall security posture.
• Review cloud deployment architectures and implement necessary security controls.
• Mentor fellow engineers on security best practices and processes.

Requirements

• Bachelor's degree in Computer Science or a related field, or equivalent practical experience.
• A minimum of 10 years of overall industry experience, including AWS Certified - Security Specialist certification.
• Proven implementation experience with security tools and processes for SAST, DAST, and Penetration Testing.
• At least 5 years of hands-on experience with a wide range of AWS technologies (e.g., EC2, RDS, ELB, S3, VPC, CloudWatch) for developing and maintaining AWS cloud solutions with a strong emphasis on security best practices.
• Proficiency with CI/CD toolchains such as GitHub Actions, Packages, and Jenkins.
• A strong passion for addressing security challenges and staying current with emerging security threats and technologies.
• Familiarity with OWASP Top 10 Security Risks and Controls.
• Skilled in at least one scripting language, including Python or Bash.
• Good knowledge of container orchestration platforms like Kubernetes or Docker Swarm.
• Willingness to work in shifts as required.

Good to Have

• AWS Certified DevOps Engineer certification.
• Experience with observability and monitoring tools (e.g., CloudWatch, New Relic).
• Experience with infrastructure as code tools such as Terraform, Ansible, Chef, or Puppet.
• Proficiency in Windows and Linux system administration.

Perks

• Day off on the 3rd Friday of every month, creating one long weekend each month.
• Monthly Wellness Reimbursement Program to support health and well-being.
• Monthly Office Commutation Reimbursement Program.
• Paid paternity and maternity leaves.