Job Title: DevSecOps Lead

Role Overview

We are seeking an experienced DevSecOps Lead to architect, implement, and operationalize secure CI/CD pipelines, cloud environments, Terraform-based infrastructure, and security guardrails across mobile and cloud application teams. The ideal candidate is hands‑on with GitLab pipelines, AWS cloud environments, security tooling, IaC, and performance/scalability tuning. This role will initially be an individual contributor and later grow into a small DevOps/Platform Engineering team lead.

Key Responsibilities

1. CI/CD Pipeline Engineering (GitLab)

  • Architect and build GitLab CI/CD pipelines for both mobile (iOS/Android) and cloud applications.
  • Develop reusable pipeline templates, shared libraries, and YAML modules for engineering teams.
  • Automate environment‑specific build and deploy flows (dev, QA, UAT, prod).
  • Enhance build speed, caching strategy, and parallelization for optimal performance.

2. Cloud Deployment, Operations & Security (AWS)

  • Design and maintain AWS cloud accounts with strong security guardrails, including:
    • IAM roles, policy boundaries, least privilege design
    • VPC segmentation, subnets, NACLs, security groups
    • AWS Organizations & Service Control Policies (SCPs)
  • Implement cost management frameworks: Budgets, cost forecasting, tagging policies, cost optimization.
  • Deploy, manage, and optimize:
    • EKS / ECS clusters
    • EC2, Lambda, API Gateway
    • RDS, DynamoDB, S3, CloudFront
  • Set up monitoring and observability: CloudWatch, Prometheus/Grafana, ELK/EFK.
  • Troubleshoot performance, reliability, scaling, and networking issues.

3. Infrastructure as Code (Terraform)

  • Build and maintain Terraform modules for AWS infrastructure creation and lifecycle management.
  • Implement standard IaC
  • Enforce IaC best practices.
  • Automate AWS environment provisioning across multiple regions and workloads.

4. GitOps, Deployment Automation & Tooling

  • Implement automated deployment workflows using ArgoCD or equivalent.
  • Ensure alignment between Git repositories, Terraform states, and actual cloud environments.
  • Define deployment strategies: Blue/Green, Canary, Rolling, Feature Flags.
  • Integrate secrets management (AWS Secrets Manager, etc.).

5. Security, Compliance & Governance

  • Build mandatory security steps into pipelines.
  • Ensure timely VAPT (Vulnerability Assessment & Penetration Testing) cycles and remediation tracking.
  • Establish security guardrails:
    • Hardened AMIs/containers
    • Secure CI/CD runners
    • IAM least‑privilege enforcement
    • TLS enforcement, encryption in transit & at rest
  • Define and enforce compliance with cloud security best practices.

Required Technical Skills

  • Deep expertise with GitLab CI/CD (required).
  • Strong proficiency in AWS: IAM, VPC, EKS/ECS, CloudFront, S3, Lambda, RDS, security controls.
  • Hands-on experience with Terraform.
  • Experience in continuous deployment tools.
  • Understanding of mobile build pipelines for iOS/Android.
  • Expert-level scripting skills: Bash, Python, YAML.
  • Strong knowledge of SAST, SCA, container scanning, secrets scanning.
  • Experience with:
    • Docker/Kubernetes
    • CloudWatch, ELK, Prometheus/Grafana
    • CDN, WAF, load balancers
  • Knowledge of OWASP, CIS Benchmarks, AWS Well-Architected Framework.
  • Experience with cost optimization tools like AWS Cost Explorer or CloudHealth.
  • Familiarity with provisioning iOS/macOS runners or build agents.
  • Experience with incident management, runbooks, and reliability engineering.

Soft Skills

  • Strong communication, documentation, and problem-solving skills.
  • Ability to collaborate across engineering, security, QA, product, and vendor teams.
  • Ownership mindset and ability to lead in ambiguous and fast-moving environments.