Devsecops Jobs in Cochin

DevOps Architect AWS Infrastructure & CI/CD Expert Location: Cochin Experience Required: 8+ years in DevOps Architecture Job Purpose We are seeking an experienced DevOps Architect to lead our cloud-native solutions and AWS infrastructure management. In this role, you will design, implement, and maintain automated CI/CD pipelines using GitLab, manage AWS services, and provide technical leadership to your team. If you have a passion for optimizing software development and deployment processes in cloud environments, this is the role for you. Key Responsibilities AWS Infrastructure Management: Extensive experience with AWS services like EC2, ECS, EKS, S3, RDS, and Lambda. Set up, manage, and troubleshoot infrastructure. CI/CD Pipeline Design & Automation: Design, build, and maintain automated CI/CD pipelines using GitLab, ensuring streamlined deployment processes. Cloud-Native Solutions: Deploy, monitor, and troubleshoot applications in AWS. Experience with microservice architecture and serverless approaches using AWS Lambda is a plus. Infrastructure as Code: Manage infrastructure using tools like CloudFormation (required) or Terraform (desired), enabling scalable, repeatable deployments. Networking & Security: Proficiency in networking, SSL/TLS certificates, VPN IPSec tunnels, and network security within cloud environments. Team Collaboration: Guide and mentor team members, and collaborate with developers, QA, and operations teams to improve deployment efficiency. Version Control & Automation: Expertise in version control systems like Git and build tools like Maven, Gradle, and Ant. Implement automation for continuous delivery using GitLab. Monitoring & Observability: Familiarity with tools like CloudWatch, ELK stack, Grafana, and Prometheus for monitoring cloud infrastructure and applications. Change Management: Lead or coordinate change management processes, including planning, documentation, risk assessment, and post-change reviews. Agile & DevOps Practices: Follow agile development processes and DevOps best practices to ensure rapid and high-quality software delivery. Required Qualifications 8+ years of hands-on experience in DevOps architecture and managing cloud infrastructure. Expertise with AWS services (EC2, ECS, EKS, S3, Lambda, RDS). Experience with GitLab CI/CD pipelines and automation tools for continuous integration and delivery. Solid experience with infrastructure as code tools like CloudFormation or Terraform. Strong troubleshooting skills in cloud-native environments and expertise in monitoring tools like CloudWatch, Grafana, and Prometheus. Experience with containerization tools such as Docker and Kubernetes, and knowledge of Kubernetes management with services like EKS. Proficiency in networking and network security in AWS environments (SSL/TLS, VPN, IPSec tunnels). Experience with Agile development and working in a Scrum-based environment. Ability to communicate effectively with both technical and non-technical stakeholders. Preferred Qualifications Experience with serverless architectures using AWS Lambda. Knowledge of Shift Left Methodology and OpenTelemetry specs for monitoring. Familiarity with ITIL-based change management frameworks and tools.

Role Purpose: The purpose of this role is to design the organization s computer and network security infrastructure, ensuring the protection of systems and sensitive information from cyber threats. Key Responsibilities: 1. Cyber Security Strategy and Architecture: Design and develop enterprise-level cybersecurity strategies and architectures. Evaluate business strategies, conduct security vulnerability assessments, and analyze risks. Identify risks associated with business processes, operations, information security programs, and technology projects. 2. Threat Identification and Mitigation: Identify and communicate current and emerging security threats. Design and implement security architecture elements to mitigate emerging threats. Identify security gaps in existing and proposed architectures and recommend enhancements. 3. Security Design and Compliance: Conduct product fit analysis for end-to-end security, ensuring coverage across architecture aspects like Layered Security, Zoning, Integration, API, Endpoint Security, Data Security, and Compliance. Demonstrate expertise in security assessments against frameworks such as NIST, SANS, and CIS. Provide support during the deployment, configuration, integration, and administration of security technologies. Apply ITIL processes such as incident management, configuration management, change management, and problem management. 4. Disaster Recovery and Solution Provision: Assist in disaster recovery during security breaches, attacks, or unauthorized activities. Provide solutions for RFPs received from clients and ensure design assurance. Develop strategies to manage cyber risk security solutions, aligning with business objectives. 5. Technical Leadership and Solution Design: Lead the design, development, and implementation of custom solutions using modern technology. Analyze current solutions, identify improvements, and propose target state solutions with trade-offs. Articulate architectural targets, recommendations, and reusable patterns. Evaluate and recommend solutions for integration with the technology ecosystem. 6. Industry Trends and IT Needs: Stay informed on industry trends and emerging technologies to support current and future IT needs. 7. Stakeholder Coordination and Audit Assistance: Liaise with stakeholders on cybersecurity issues, providing timely support and future recommendations. Assist in maintaining an information security risk register and support internal and external audits. Ensure the implementation of security best practices to meet business, customer, and regulatory requirements. 8. Training and Awareness: Assist in creating and delivering cybersecurity awareness training for team members and clients. Provide training on issues like spam, malicious emails, and other security concerns. Stakeholder Interaction: Internal Stakeholders: Program Manager/Director: Regular reporting and updates. Infrastructure (CIS team): For infrastructure support. External Stakeholders: Customer: Coordinate for security breaches and resolutions. Competencies: Functional Competencies/Skills Leveraging Technology: Knowledge of current and upcoming security technologies (e.g., Firewalls, IPS, DDoS, SIEM, WAF, Endpoint security), and understanding of compliance regulatory requirements such as PCI DSS, HIPAA, etc. (Expert level). Systems Thinking: Understanding of the interrelatedness and interdependencies within systems, and performing problem-solving in complex environments (Expert level). Leveraging Technology: In-depth mastery of ecosystem technology, commanding expert authority and respect (Master level). Technical Knowledge: Certifications like Certified Information Systems Security Professional (CISSP), Cloud Architect Certification from AWS and Azure, ToGAF, or SABSA certification (Master level). Behavioral Competencies: Effective Communication: Clear communication in both technical and non-technical contexts. Managing Complexity: Ability to handle complex problems and solutions effectively. Client Centricity: Focus on delivering value to clients, understanding their needs. Technology Acumen: Strong understanding of evolving technology trends. Innovation: Continuously seeking new and innovative solutions to security challenges. Problem Solving Approach: Proactive approach to identifying and resolving issues. Collaborative Working: Ability to work with various teams to achieve goals. Execution Excellence: Commitment to high standards in execution and delivery. Performance Metrics: 1. Customer Centricity: Timely resolution of security breaches for end-users and stakeholders. Client satisfaction, educating clients, and suggesting the right controls to improve security. 2. Support Sales Team: Percentage of proposals with a Quality Index greater than 7. Timely support for proposals and identifying opportunities for new business or lead generation. Number of proposals led to drive business outcomes.