DevSec Ops Engineer

About the RoleLocation:Remote | Bangalore Employment Type:Full-Time Working Hours overlap with the USA teamAtLeanSys Pvt. Ltd ., we're looking for a Lead DevSecOps Engineer to lead our security testing initiatives for cloud applications hosted onAzure and AWS . You'll own a security strategy while integrating security practices across our software development lifecycle. Drive compliance readiness and build resilience against cyber threats.What You'll DoSecurity Testing & Vulnerability Management - Execute comprehensive Vulnerability Assessment and Penetration Testing (VAPT) across network assets, servers, firewalls, endpoints, and cloud services - Identify misconfigurations, patch gaps, and exploitable vulnerabilities across Azure and AWS environments - Perform regular penetration tests and security assessments - Apply patches, recommend fixes, and drive security improvementsCompliance & Certification - Lead PCI DSS certification efforts for cloud-hosted applications - Implement and enforce security policies aligned with SOC2, PCI DSS, and GDPR standards - Conduct internal audits and support external compliance assessments - Maintain detailed documentation of security configurations, risk assessments, and audit trailsArchitecture & Design - Define security testing strategy and roadmap - Develop security architectures for new systems and cloud deployments - Integrate security controls into software and CI/CD pipelines - Configure and manage firewalls, VPNs, IDS/IPS systemsThreat Monitoring & Incident Response - Monitor network traffic and cloud environments for malicious activity - Investigate security breaches and coordinate incident response - Develop and maintain incident response playbooks - Lead forensic analysis and ensure rapid recovery from security eventsWhat You'll Deliver- Security assessment and vulnerability reports with severity ratings - Remediation recommendations and prioritized action plans - Executive summary reports for leadership and auditors - PCI DSS compliance documentation and certification support - Quarterly security architecture reviewsWhat You BringRequired Skills & Experience - 5+ years in security engineering, penetration testing, or vulnerability assessment - Hands-on experience with**Azure**and**AWS**security services and configurations - Strong knowledge of**PCI DSS**compliance requirements and certification process - Proficiency with VAPT tools (Burp Suite, Nessus, Qualys, Metasploit, etc.) - Experience with network security: firewalls, VPNs, IDS/IPS, SIEM solutions - Understanding of SOC2 and GDPR compliance frameworks - Ability to translate technical findings into executive-level reportsPreferred Qualifications - Security certifications: OSCP, CEH, CISSP, CISM, or equivalent - Cloud security certifications: AWS Security Specialty, Azure Security Engineer - Experience with DevSecOps and CI/CD pipeline security - Background in incident response and digital forensics - Familiarity with infrastructure-as-code security scanning - Experience with AI/ML tools in DevSecOps activitiesCompensation & BenefitsUp to ₹30 Lakhs per annum (based on experience and expertise) Employee well-being program to help our team members maintain a happier and healthier work-life Professional development and certification supportReady to secure your future? Share your resume and the following details. Expected CTC : Earliest Joining Date :Note: This role requires an overlap of working hours with the customer's team in the USA. Often working hours overlap from 8 PM to 1 AM IST, while the remaining hours are flexible

Apply Now