Job Description

DevSecOps Engineer Experience Required: 6?8 Years Location: Noida Job Overview We are seeking a seasoned DevSecOps Engineer with 6?8 years of hands-on experience in implementing security best practices across DevOps workflows. The ideal candidate will have deep expertise in ISO 27001:2022, SOC 2 Type II audits, and cloud-native security tools. You will play a critical role in integrating security into CI/CD pipelines, managing identity and access, and driving compliance across infrastructure and applications. Key Responsibilities Lead and support ISO 27001:2022 and SOC 2 Type II compliance initiatives, representing DevOps and IT in audits and assessments Conduct monthly internal audits for User Access Management, ensuring adherence to least privilege principles and security policies Manage and integrate authentication mechanisms including Okta, AWS Cognito, OIDC Connect, and OAuth 2.0 Design and maintain Enterprise Risk Matrices aligned with NIST, ISO, and CIS frameworks Develop and implement incident response policies and procedures to enhance organizational security posture Oversee security patching within release management cycles to ensure regulatory compliance Automate security workflows using AWS Security Hub, Inspector, Patch Manager, and EventBridge Build and maintain automated vulnerability mitigation tasks using AWS CodeBuild Use Terraform for Infrastructure as Code (IaC) to manage cloud resources securely and efficiently Create detailed audit reports with actionable insights to support continuous improvement Collaborate with cross-functional teams to translate complex security concepts into practical solutions for technical and non-technical stakeholders Required Skills & Qualifications 6?8 years of experience in DevSecOps, Cloud Security, or IT Compliance Strong understanding of ISO 27001, SOC 2, NIST, and CIS frameworks Hands-on experience with AWS services, especially security tools Proficiency in Terraform, CI/CD pipelines, and DevOps automation Experience with identity and access management platforms (Okta, Cognito, etc.) Excellent communication and documentation skills Ability to work independently and lead security initiatives across teams Preferred Qualifications AWS Security Specialty, Certified DevSecOps Professional Experience with container security, Kubernetes, or SAST/DAST tools Familiarity with SIEM platforms and security orchestration