DEVOPS Engineer

Secure API development – Design and develop RESTful APIs and integrations with strong authentication, authorization, and data protection measures.

Work with PostgreSQL and other RDBMS to query, optimize, and secure data structures against injection attacks, data leakage, and unauthorized access.

Contribute to system architecture with Security by Design, including threat modeling and secure design reviews at the planning stage.

Write scripts to automate security scans, compliance checks, and reduce manual effort in security monitoring and deployment workflows.

Proficiency in Python, JavaScript, Java, or Go with a focus on secure coding standards (e.g., OWASP Top 10 mitigation).

Implement CI/CD pipelines with integrated SAST, DAST, dependency scanning, and secrets management for secure deployments.

Deep application of secure coding frameworks, vulnerability prevention, and industry best practices (OWASP, SANS).

Strong problem-solving and debugging skills for both functional and security-related issues in dev, test, and prod environments.

Collaborate closely with developers, operations, and security teams to embed a culture of security across all cross-functional work.

Primary Skills

Secure coding (OWASP Top 10, SANS CWE)

API security (OAuth2, JWT, input validation)

CI/CD security integration (SAST, DAST, dependency scanning)

Programming in Python, JavaScript, Java, or Go

PostgreSQL database security

Threat modeling & secure architecture reviews

Security automation scripting

Good To Have

Cloud security (AWS/GCP/Azure)

Container security (Docker/K8s, image scanning)

IaC security (Terraform, Ansible)

Security compliance (SOC 2, ISO 27001)

Ideal Experience Range

6-9 years total experience in software development and DevOps, with at least 2 - 3 years hands-on security exposure (secure coding, pipeline security, API security, threat modeling).