Overview
Skills
Job Details
Overview:
As a Principal DevOps Solutions Engineer, you will play a pivotal role in shaping our software development lifecycle by integrating security practices seamlessly into our processes. Your technical expertise and leadership will drive the implementation of robust CI/CD (Continuous Integration and Continuous Deployment) patterns while adhering to industry standards and policies. You ll collaborate with cross-functional teams, ensuring that our applications are secure, reliable, and efficiently deployed. Here s an overview of your responsibilities:
Responsibilities:
- Design and implement secure, scalable solutions to address infrastructure and security requirements.
- Champion DevSecOps practices, integrating security seamlessly into the SDLC with tools like SAST/DAST solutions and Infrastructure as Code (IaC) scanning (e.g., Prisma Cloud, SonarQube).
- Identify and implement opportunities for pipeline automation and optimization, driving efficiency and speed.
- Embrace Infrastructure as Code (IaC) using tools like Terraform and Kubernetes to automate and manage multi-cloud deployments (e.g.: AWS, Azure).
- Lead the containerization charge, leveraging Docker and Helm 3 for efficient application packaging and deployment.
- Strong understanding of security concepts, including threat modeling, risk assessment, and vulnerability management
- Proficiency in automation tools, configuration management, and continuous integration and deployment (CI/CD) pipelines. Familiarity with tools like GitHub Actions, ArgoCD, Terraform.
- Expertise in cloud security principles, including secure architecture design and configuration management. Familiarity with popular cloud platforms like AWS, Microsoft Azure
- Implement state-of-the-art artifact management solutions for secure storage and distribution (e.g., Artifactory, Nexus.)
- Implement and maintain robust monitoring solutions (e.g., Prometheus, Grafana) to gain deep insights into application and infrastructure health.
- Integrate and leverage a SIEM tool (Splunk or similar) to collect, analyze, and correlate security-related data from various sources for advanced threat detection and incident response.
- Possess a strong understanding of web server configuration and management (e.g., Apache, Nginx) for optimal performance and security.
- Possess a strong foundation in Unix/Linux administration, including scripting (Bash), user and permission management, and system troubleshooting.
- Foster a collaborative environment, working closely with development, security, and operations teams to ensure seamless software delivery.
- Stay ahead of the curve by researching and integrating the latest DevSecOps trends and methodologies.
- Share your expertise through internal training and knowledge sharing sessions.
- Develop and maintain clear documentation for DevSecOps processes and tools, ensuring consistency and knowledge transfer.
- Troubleshoot and resolve complex issues within the CI/CD pipeline and cloud deployments.
- Keep incident tracking tools updated and document discoveries and concerns.
- Proactive approach to identify and mitigate security risks
- Champion agile methodologies within the DevSecOps workflow, ensuring continuous integration, delivery, and feedback loops.
- Align with Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL).
- Understanding cloud security principles, including secure architecture design and configuration management
- Familiarity with API Security, Container Security
- Experience with cloud technologies for cloud DevSecOps
*Key Requirements Skill Set required:
- Kubernetes
- Docker
- Terraform
- Helm
- Prisma Cloud / SonarQube
Minimum Qualifications:
- Excellent verbal/written communication skills (Total Must)
- 9+ years of experience in DevSecOps principles and practices.
- Proven track record of designing and implementing secure, automated CI/CD pipelines with modern tools (GitOps, GutHub Actions etc.)
- Deep understanding of Infrastructure as Code (IaC) tools (Terraform, Kubernetes) and multi-cloud environments (AWS, Azure, Google Cloud Platform).
- Deep understanding knowledge of containerization technologies (Docker, Helm 3).
- Experience with next-generation artifact management solutions (Artifactory, JFrog).
- Experience integrating security best practices and tools (SAST/DAST, IaC scanning) into the SDLC.
- Familiarity with API Security, Container Security, and AWS Cloud Security.
- Knowledge of Prisma Cloud, SIEM, SOC, Nessus, CrowdStrike, or similar services.
- Excellent communication, collaboration, and problem-solving skills.
- Ability to thrive in a fast-paced, dynamic environment.
- Strong scripting skills (Python, Go, Bash).
- Delivers Results
- Teamwork & Collaboration
- Effective communication
- Ability to analyze and solve problems
- Strong attention to detail
Preferred Qualifications:
Possess expert level industry certification(s) in Azure
Education:
Bachelor s degree in Computer Science or Information Technology field