Snapmint - DevSecOps Engineer - IAC Terraform

Job Description

Description We are looking for a highly motivated DevSecOps Engineer with 4-5 years of hands-on experience in integrating security into the DevOps lifecycle. The ideal candidate will work closely with development, security, and operations teams to ensure our applications and infrastructure are secure, scalable, and efficient from development through deployment as per ISO/PCI-DSS : Integrate security best practices into CI/CD pipelines (GitLab, Jenkins, GitHub Actions, etc.) Automate security scans (SAST, DAST, dependency checks) and enforce policies. Implement Infrastructure as Code (IaC) using tools like Terraform, CloudFormation, or Ansible. Collaborate with development teams to remediate vulnerabilities and conduct threat modelling. Monitor infrastructure and application security with tools like Wazuh/Ossec or equivalent. Manage secrets and credentials securely using Vault, AWS Secrets Manager, etc. Perform regular security audits and assessments for cloud environments (AWS, GCP, Azure). Improve logging, monitoring, and alerting for security anomalies (e.g., using ELK, Prometheus, Loki, SIEM tools). Stay current on security trends, vulnerabilities, and compliance requirements. Incident Reviews and : 5 + years of experience in DevOps/Security engineering or a related role. Strong understanding of CI/CD practices with experience automating security checks. Hands-on experience with container security (Docker, Kubernetes, image scanning). Familiarity with cloud platforms (AWS/GCP) and cloud security principles. Experience with tools like SonarQube, OWASP ZAP, Trivy, Checkov, or Snyk. Proficiency in scripting (Python, Bash, or similar). Knowledge of IAM, RBAC, and least privilege principles. Good understanding of network and application security fundamentals. Strong collaboration and communication skills. Strong Security Framework knowledge and experience with PCI-DSS/ ISO. Patch Management, VA scan for Servers. Certifications : AWS Security, Certified DevSecOps Professional, CEH, or similar. Experience with compliance frameworks (SOC2 ISO 27001 PCI-DSS, etc.) Familiarity with Zero Trust Architecture and Secure SDLC concept. (ref:hirist.tech)