Responsibilities:
Assist in implementing security tools and automation within the CI/CD pipeline.
Stay up-to-date with the latest security trends, tools, and technologies.
Contribute to the development and maintenance of security policies and procedures.
Work closely with developers, operations engineers, and SRE to ensure seamless security integration.
Implement Secure defaults in GCP, AWS, and AZURE.
Learn to use and integrate cloud security tools, and automate their integration using scripting.
Within a month you will be able to do a container security audit, Within a year you will become a Kubernetes Security Engineer (CKS).
ROLE:
20% Security Testing, Threat modeling
30% Security Automation, AI
20% Cloud, Container Security Implementation
30% Business as Usual(BAU). (Alert Monitoring, Improving devsecops pipeline, compliance, etc.)
Qualifications:
Experience- 1-3 years
Mandatory skill- Bash and Python scripting.
Don’t apply if you are not passionate about cybersecurity.
You should be able to build a docker image from scratch. Kubernetes knowledge is a significant plus.
Strong fundamental knowledge of common web application vulnerabilities, including XSS, SQL Injection, SSRF, and XXE.
Understanding of authentication mechanisms such as SAML, OAuth, and JWT.
Preferred: Contributions to open-source tools, or having CVEs or security vulnerabilities in bug bounty.
Ability to learn quickly and adapt to new technologies.
Familiarity with cloud platforms (e.g., AWS, Azure, GCP) is a plus.
Familiarity with CI/CD tools (e.g., Jenkins, GitLab CI) is a plus.