STAFF SW ENGINEER 9849- DevSecOps- AWS/AZURE- Terraform/Ansible- CI/CD pipelines
Bangalore, India
Extreme Networks
We provide networking solutions to power your business. Our flexible and scalable cloud networking services help optimize your network infrastructure.
Job Description:
Experience: 9-14 Years
DevSecOps to lead and support our enterprise security, compliance, and risk management initiatives. This individual will play a key role in designing, implementing, and maintaining controls aligned with global compliance frameworks including ISO 27001, SOC 2, and NIST 800-53. The ideal candidate has a deep understanding of security engineering principles, a strong compliance mindset, and a proven track record in driving cross-functional security programs.
Key Responsibilities:
• Follow established processes for the implementation and maintenance of security controls aligned with ISO 27001, SOC 2, and NIST 800-53.• Collaborate with security leadership to ensure adherence to ISO 27001, SOC 2, and NIST 800-53 controls and procedures.• Collaborate with internal and external auditors to support audits, evidence gathering, and remediation efforts.• Develop and maintain automated security and compliance monitoring tools and dashboards.• Translate regulatory requirements into technical requirements and integrate them into the SDLC (Secure Development Lifecycle).• Execute tasks related to the implementation and upkeep of compliance controls under ISO 27001, SOC 2, and NIST 800-53 guidance.• Conduct gap assessments and risk analysis; define and track remediation efforts to ensure compliance readiness.• Strong hands-on experience and understanding of Kubernetes security, including RBAC, pod security policies, network policies, and secrets management.
Required Qualifications:
• 8+ years of experience in information security or compliance engineering roles.• Practical experience with DevOps security practices, including integrating security controls into CI/CD pipelines (GitLab CI, Jenkins, GitHub Actions, etc.)• Strong understanding and hands-on experience with ISO 27001, SOC 2 (Type I and II), and NIST SP 800-53.• Experience working in cloud-native environments (AWS, Azure, or GCP) with secure configuration and governance controls.• Familiarity with cloud-native security (AWS, GCP, or Azure), container orchestration, and infrastructure-as-code tools like Terraform, Helm, or Ansible.• Solid knowledge of access management, encryption, logging/monitoring, and network security principles.• Demonstrated ability to lead technical initiatives, work cross-functionally, and influence at all levels.• Excellent written and verbal communication skills with experience writing policies and technical documentation.
Preferred Qualifications:
• Professional certifications such as CISSP, CISA, CISM, ISO 27001 Lead Implementer/Auditor, or AWS Security Specialty etc.• Experience with compliance automation platforms.• Background in regulated industries such as fintech, healthcare, or government.
Experience: 9-14 Years
DevSecOps to lead and support our enterprise security, compliance, and risk management initiatives. This individual will play a key role in designing, implementing, and maintaining controls aligned with global compliance frameworks including ISO 27001, SOC 2, and NIST 800-53. The ideal candidate has a deep understanding of security engineering principles, a strong compliance mindset, and a proven track record in driving cross-functional security programs.
Key Responsibilities:
• Follow established processes for the implementation and maintenance of security controls aligned with ISO 27001, SOC 2, and NIST 800-53.• Collaborate with security leadership to ensure adherence to ISO 27001, SOC 2, and NIST 800-53 controls and procedures.• Collaborate with internal and external auditors to support audits, evidence gathering, and remediation efforts.• Develop and maintain automated security and compliance monitoring tools and dashboards.• Translate regulatory requirements into technical requirements and integrate them into the SDLC (Secure Development Lifecycle).• Execute tasks related to the implementation and upkeep of compliance controls under ISO 27001, SOC 2, and NIST 800-53 guidance.• Conduct gap assessments and risk analysis; define and track remediation efforts to ensure compliance readiness.• Strong hands-on experience and understanding of Kubernetes security, including RBAC, pod security policies, network policies, and secrets management.
Required Qualifications:
• 8+ years of experience in information security or compliance engineering roles.• Practical experience with DevOps security practices, including integrating security controls into CI/CD pipelines (GitLab CI, Jenkins, GitHub Actions, etc.)• Strong understanding and hands-on experience with ISO 27001, SOC 2 (Type I and II), and NIST SP 800-53.• Experience working in cloud-native environments (AWS, Azure, or GCP) with secure configuration and governance controls.• Familiarity with cloud-native security (AWS, GCP, or Azure), container orchestration, and infrastructure-as-code tools like Terraform, Helm, or Ansible.• Solid knowledge of access management, encryption, logging/monitoring, and network security principles.• Demonstrated ability to lead technical initiatives, work cross-functionally, and influence at all levels.• Excellent written and verbal communication skills with experience writing policies and technical documentation.
Preferred Qualifications:
• Professional certifications such as CISSP, CISA, CISM, ISO 27001 Lead Implementer/Auditor, or AWS Security Specialty etc.• Experience with compliance automation platforms.• Background in regulated industries such as fintech, healthcare, or government.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
2
0
0
Tags: Ansible Audits Automation AWS Azure CI/CD CISA CISM CISSP Cloud Compliance DevOps DevSecOps Encryption FinTech GCP GitHub GitLab Governance Helm ISO 27001 Jenkins Kubernetes Monitoring Network security NIST NIST 800-53 Risk analysis Risk management SDLC SOC SOC 2 Terraform
Region:
Asia/Pacific
Country:
India
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information System Security Officer jobsSenior Cybersecurity Engineer jobsSystems Administrator jobsSenior Cloud Security Engineer jobsSenior Security Analyst jobsIT Security Analyst jobsCyber Security Specialist jobsSenior Information Security Analyst jobsInformation Security Manager jobsSenior Network Security Engineer jobsSenior Information Security Engineer jobsSecurity Consultant jobsSenior Product Security Engineer jobsSecurity Specialist jobsInformation Systems Security Engineer jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsSenior Cyber Security Engineer jobsIT Security Engineer jobsCyber Threat Intelligence Analyst jobsSenior IT Auditor jobsCybersecurity Specialist jobsSenior Software Engineer jobsSecurity Operations Analyst jobsNetwork Engineer jobs
EDR jobsTS/SCI jobsCEH jobsJava jobsEncryption jobsSplunk jobsThreat detection jobsSDLC jobsIDS jobsMalware jobsIPS jobsFinance jobsTerraform jobsRMF jobsTop Secret jobsSQL jobsForensics jobsSOC 2 jobsDocker jobsCompTIA jobsActive Directory jobsIntrusion detection jobsOWASP jobsITIL jobsClearance Required jobs