Security Engineer - DevSec Ops

Zafin is seeking a detail-oriented and technically adept DevSecOps Engineer to join our Information Security Team. The candidate will play a key role in integrating security practices across the software development lifecycle, ensuring that security is considered at every stage, from development through to deployment and maintenance. The role requires close collaboration with both development and engineering teams to implement security measures, automate security processes, and respond to security incidents in cloud environments. The ideal candidate will have experience with DevOps practices, application security, and cloud security, with a strong focus on automation.

Key responsibilities include:

1. Implementing and maintaining security configurations using Infrastructure as Code (IaC) in cloud environments.
2. Automating security practices in CI/CD pipelines.
3. Collaborating with development teams to ensure secure coding practices and integrate application security tools.
4. Monitoring application and infrastructure environments for security incidents.
5. Responding to security alerts and coordinating with the security team to investigate and mitigate incidents.
6. Ensuring adherence to security frameworks and regulatory requirements.
7. Configuring, optimizing, and maintaining security tools.

Requirements:

• 2-4 years of experience in DevSecOps, Cloud Security, or Application Security
• Experience with CI/CD pipelines (Jenkins, GitLab, Azure DevOps)
• Familiarity with application security practices
• Knowledge of security tools (e.g., SAST, DAST, CSPM)
• Experience in cloud environments (Azure, AWS) and scripting (Python, Bash)
• Experience with containerization (Docker, Kubernetes)
• Strong communication skills

Zafin offers competitive salaries, annual bonus potential, generous paid time off, paid volunteering days, wellness benefits, and opportunities for professional growth and career advancement.