Lead Engineer, Devops

Saviynt’s Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. The company brings together identity governance (IGA), granular application access, cloud security, and Privileged Access Management(PAM) to secure the entire business ecosystem and provide a frictionless user experience. The world’s largest brands trust Saviynt to accelerate digital transformation, empower distributed workforces, and meet continuous compliance. We are a distributed global R&D team that is extremely focused on building a platform that solves the toughest security and compliance challenges while helping Saviynt maintain its leadership position in delivering enterprise identity cloud solutions.

• Design and Build Base Images for multiple runtimes (Java, Python, Node.js, Go, etc.)
• Good understanding of multi-stage builds, distroless, caching, and minimal OS layers to reduce size and speed up builds
  

• Use Cosign to sign and verify images, ensuring end-to-end supply chain trust
• Strong understanding of security and compliance such as FIPS 140-2/3, CIS, STIG and NIST
  

• Collaborate with Engineering, DevSecOps, Cloud Platform, and Security Compliance teams to align image contents with infrastructure, compliance, and runtime needs across all environments
  

• Deep Linux expertise (Alpine, Ubuntu, RHEL etc…) , package management, and hardening knowledge to secure base layers
  

• Build and manage automated image pipelines using GitLab CI
• Maintain image governance through versioning, tagging, and lifecycle policies across internal and external registries
  

• Distribute and manage images across AWS, Azure, and GCP registries with signature checks
  

• Ensure base images are optimized for K8s workloads and integrate with Helm charts and DevOps pipelines
• Embed image scanning and compliance checks using Amazon Inspector, MicroSoft Defender, Trivy, Grype etc.
  

• Work closely with the ConMon (Continuous Monitoring) team to share vulnerability results, apply fixes and maintain false positives dashboards
  

• Expert in Docker, Linux, and container image optimization
• Hands-on with Cosign, Sigstore, and container supply chain security
• Strong understanding of DevOps, Kubernetes, and multi-cloud ecosystems
• Familiar with FIPS, CIS, FedRAMP, and NIST compliance frameworks
• Skilled in Bash or Python scripting for automation