Senior DevSecOps

Description

Today’s world is crime-riddled. Criminals are everywhere—virtual, invisible, and sophisticated. Traditional ways to prevent and investigate crime and terror are no longer enough.

Technology is advancing at lightning speed. Criminals know it—and they exploit it. So do we.

For nearly 30 years, the brilliant minds at Cognyte have been building software to help governments and enterprises stay ahead of evolving threats. With industry-leading investigative analytics, our solutions make the world a safer place—and that’s a mission we take personally.

We’re now looking for an exceptional Security Architect to drive the security of our cloud-native platform and DevOps processes.

If you’re a hands-on technologist with a strategic mindset, and you thrive in collaborative, high-impact roles—this is your moment.

Role Overview

As a Security Architect, you’ll be the driving force behind securing our application and infrastructure layers, embedding security best practices across the SDLC and modern DevOps workflows.

You'll work closely with DevOps engineers, backend developers, and architects to secure our code, product, CI/CD pipelines, Kubernetes infrastructure, and identity systems. Your goal: make security a shared responsibility across the company.

As a Cognyter you will be working on:

• DevSecOps Strategy: Define and implement DevSecOps practices—integrating security into CI/CD pipelines using industry-leading tools (e.g., SAST, DAST, IaC scanners)
• Secure Software Delivery: Automate vulnerability scanning, secrets detection, and compliance checks in Jenkins pipelines and container workflows
• Infrastructure Security: Harden Kubernetes environments (RBAC, PSP, network policies, admission controllers), VMs (OpenNebula/KVM), and cloud deployments
• Identity & Access Management: Secure Keycloak setups and identity flows with proper token strategies, MFA, and access controls
• Threat Modeling: Collaborate with development and architecture teams to perform risk analysis and threat modelling for critical systems and features
• Security Evangelism: Promote secure coding practices, conduct internal workshops, and elevate the security mindset across engineering

Requirements

For that mission you'll need:

• 5–8+ years of experience in Security Architecture or DevSecOps roles
• Expertise in securing Java-based systems (Spring Boot) and modern CI/CD workflows (preferably Jenkins)
• Proven experience integrating tools like Trivy, Snyk, SonarQube, JFrog, or OWASP ZAP into pipelines
• Hands-on experience with Kubernetes, container security, Helm, GitOps tools.
• Proficiency in Terraform or Ansible for infrastructure-as-code and policy as code
• Strong knowledge of OWASP Top 10, secure design patterns, and code audit practices
• Familiarity with Keycloak or equivalent IAM tools and best practices around SSO and OAuth2/OIDC

Technical Skills:

• Languages: Bash, Python, Groovy, Helm, YAML
• Security Tools: Trivy, Snyk, SonarQube, OWASP ZAP, or similar
• Infra: Kubernetes, KVM, public cloud (AWS/GCP/Azure)
• Standards: CIS Benchmarks, NIST, ISO 27001, FEDRAMP is a significant plus

Soft Skills:

• Excellent communication skills to work with cross-functional teams
• Strategic thinker with hands-on execution capabilities
• A “secure-by-default” mindset combined with a pragmatic, collaborative appro