Senior DevSecOps Engineer - IAC Terraform

Job Description : Senior DevSecOps Engineer (Contract to Hire) Position : Senior DevSecOps Engineer (Contract to Hire) Notice Period : Immediate Joiner Experience : 8-10 years Job Overview : We are seeking a highly skilled Senior DevSecOps Engineer to join our dynamic team on a contract-to-hire basis. In this role, you will be responsible for leading the integration of security practices into our DevOps pipeline, focusing on automation, infrastructure as code (IaC), and cloud services. You will bring your deep expertise in Java development, cloud platforms (particularly Google Cloud Platform), and DevSecOps tools to ensure the security, scalability, and performance of our systems. As a Senior DevSecOps Engineer, you will work closely with development, security, and operations teams to implement secure, scalable, and efficient solutions in our eCommerce environment. Your hands-on experience with modern CI/CD tools, cloud services, and security practices will be essential in ensuring a seamless, secure software delivery pipeline. Key Responsibilities : CI/CD Pipeline Management : - Design, implement, and optimize CI/CD pipelines using GitHub Actions, ensuring efficient, automated deployment and testing processes. - Integrate security scanning tools such as SCA, SAST, DAST, and dependency scanning into the CI/CD pipeline to identify vulnerabilities early in the software development lifecycle. - Work with development teams to integrate automated build, test, and deployment processes, incorporating security best practices at every step. Infrastructure as Code (IaC) : - Utilize Terraform and other IaC tools to provision, manage, and maintain cloud infrastructure, ensuring consistency, scalability, and security. - Collaborate with DevOps teams to build and manage the infrastructure for development, staging, and production environments, leveraging cloud-native technologies. Cloud Services Expertise : - Leverage Google Cloud Platform (GCP) services, including Cloud Run, Cloud SQL, PubSub, BigQuery, Apigee, Shared VPC Networking, and Security/IAM to design, deploy, and optimize cloud infrastructure. - Ensure the proper configuration, security, and monitoring of cloud services to meet business needs. Secrets Management : - Implement and maintain secrets management systems such as HashiCorp Vault, ensuring secure storage and retrieval of sensitive credentials. - Integrate secrets management into CI/CD pipelines to protect sensitive data throughout the development lifecycle. Security Integration : - Collaborate with security teams to define and implement secure software delivery practices, including code reviews, security gates, and automated security checks. - Monitor and audit security events, working proactively to address vulnerabilities, misconfigurations, and other risks. - Implement tools and processes to ensure security compliance across the entire CI/CD pipeline, ensuring secure releases and compliance with regulatory requirements. Troubleshooting & Support : - Provide troubleshooting expertise for distributed, multi-tiered web applications and cloud infrastructure. - Diagnose and resolve issues related to application performance, security vulnerabilities, and operational inefficiencies. Collaboration & Mentorship : - Work closely with cross-functional teams, including developers, infrastructure engineers, and security professionals, to implement best practices for secure software development and infrastructure. - Mentor junior engineers and foster a culture of security within the development lifecycle. Required Skills and Qualifications : - At least 8 years of hands-on experience in Java development within an eCommerce environment, with a focus on microservices architecture. - 4 years of hands-on experience with Google Cloud Platform (GCP), including services such as CloudRun, CloudSQL, PubSub, Apigee, BigQuery, Shared VPC Networking, and IAM. - Strong experience in CI/CD pipeline automation, particularly with GitHub Actions. - Proven expertise in Terraform and other Infrastructure as Code (IaC) tools to manage cloud infrastructure. - Experience integrating SCA, SAST, DAST, and dependency scanning tools into CI/CD pipelines for enhanced security. - Hands-on experience with HashiCorp Vault or similar secrets management systems and their integration into CI/CD workflows. - Solid troubleshooting skills with distributed, microservices-based systems and multi-tiered application architectures (ref:hirist.tech)

Location: pune, IN

Posted Date: 11/22/2024