DevSecOps Engineer (NCS/Job/ 2551)

Job Summary

We are seeking a skilled DevSecOps Engineer to integrate security into our development and operations processes. The ideal candidate will have strong expertise in Splunk for security monitoring and analytics, along with experience in automating security controls across CI/CD pipelines.

Key Responsibilities

• Security Integration: Embed security practices into DevOps workflows and CI/CD pipelines.
• Splunk Expertise:
  • Design and maintain Splunk dashboards, alerts, and reports for monitoring security events.
  • Analyze logs to detect anomalies, indicators of compromise, and compliance violations.
• Automation: Implement automated security checks, vulnerability scanning, and compliance validation.
• Incident Response: Participate in security incident analysis and remediation.
• Cloud & Container Security: Secure container images (Docker/Kubernetes) and cloud environments (AWS/Azure/GCP).
• Compliance: Ensure adherence to standards like ISO27001, PCI-DSS, and GDPR.
• Collaboration: Work closely with development and operations teams to improve security posture.
• Continuous Improvement: Stay updated on emerging threats and security technologies.

Required Skills & Qualifications

• Education: Bachelor’s degree in Computer Science, Information Security, or related field.
• Experience:
  • 5+ years in DevSecOps or related roles.
  • Hands-on experience with Splunk (mandatory).
• Technical Skills:
  • Strong knowledge of SIEM tools (Splunk Enterprise Security).
  • Familiarity with Terraform, Jenkins, Ansible, and containerization (Docker/Kubernetes).
  • Scripting skills (Python, Bash).
• Security Tools: Nessus, Burp Suite, Metasploit (preferred).
• Soft Skills: Strong analytical, problem-solving, and communication skills.

Preferred Qualifications

• Certifications: CISSP, CEH, Splunk Certified Power User/Admin.
• Experience with Kafka, Vector, or other logging tools.
• Knowledge of cloud security best practices.