DevSec Ops Engineer

About the RoleLocation: Remote | BangaloreEmployment Type: Full-Time Working Hours overlap with the USA team At LeanSys Pvt. Ltd., we're looking for a Lead DevSecOps Engineer to lead our security testing initiatives for cloud applications hosted on Azure and AWS. You'll own a security strategy while integrating security practices across our software development lifecycle. Drive compliance readiness and build resilience against cyber threats.What You'll DoSecurity Testing & Vulnerability Management- Execute comprehensive Vulnerability Assessment and Penetration Testing (VAPT) across network assets, servers, firewalls, endpoints, and cloud services- Identify misconfigurations, patch gaps, and exploitable vulnerabilities across Azure and AWS environments- Perform regular penetration tests and security assessments- Apply patches, recommend fixes, and drive security improvementsCompliance & Certification- Lead PCI DSS certification efforts for cloud-hosted applications- Implement and enforce security policies aligned with SOC2, PCI DSS, and GDPR standards- Conduct internal audits and support external compliance assessments- Maintain detailed documentation of security configurations, risk assessments, and audit trailsArchitecture & Design- Define security testing strategy and roadmap- Develop security architectures for new systems and cloud deployments- Integrate security controls into software and CI/CD pipelines- Configure and manage firewalls, VPNs, IDS/IPS systemsThreat Monitoring & Incident Response- Monitor network traffic and cloud environments for malicious activity- Investigate security breaches and coordinate incident response- Develop and maintain incident response playbooks- Lead forensic analysis and ensure rapid recovery from security eventsWhat You'll Deliver- Security assessment and vulnerability reports with severity ratings- Remediation recommendations and prioritized action plans- Executive summary reports for leadership and auditors- PCI DSS compliance documentation and certification support- Quarterly security architecture reviewsWhat You BringRequired Skills & Experience- 5+ years in security engineering, penetration testing, or vulnerability assessment- Hands-on experience with **Azure** and **AWS** security services and configurations- Strong knowledge of **PCI DSS** compliance requirements and certification process- Proficiency with VAPT tools (Burp Suite, Nessus, Qualys, Metasploit, etc.)- Experience with network security: firewalls, VPNs, IDS/IPS, SIEM solutions- Understanding of SOC2 and GDPR compliance frameworks- Ability to translate technical findings into executive-level reportsPreferred Qualifications- Security certifications: OSCP, CEH, CISSP, CISM, or equivalent- Cloud security certifications: AWS Security Specialty, Azure Security Engineer- Experience with DevSecOps and CI/CD pipeline security- Background in incident response and digital forensics- Familiarity with infrastructure-as-code security scanning- Experience with AI/ML tools in DevSecOps activitiesCompensation & Benefits Up to ₹30 Lakhs per annum (based on experience and expertise)Employee well-being program to help our team members maintain a happier and healthier work-life Professional development and certification supportReady to secure your future?Share your resume and the following details.Expected CTC :Earliest Joining Date :Note: This role requires an overlap of working hours with the customer's team in the USA. Often working hours overlap from 8 PM to 1 AM IST, while the remaining hours are flexible

Apply Now