Foundation AI
https://www.foundationai.comJobs at Foundation AI
Designation: DevSecOps Engineer
Location: Hyderabad
Work Mode: Office
Reporting to: Associate Director- DevOps
About the Role: As a DevSecOps Engineer at Foundation AI, you'll lead efforts to enhance security for infrastructure and products. You'll need technical expertise in identifying and addressing security vulnerabilities, ensuring compliance, and integrating security best practices across the development lifecycle. Your role also involves collaborating with cross-functional teams to embed security throughout the development process.
Responsibilities:
● WorkLocation Commitment: As a DevSecOps Engineer, you'll be expected to work from our office in Hyderabad. This reflects our preference for in-person collaboration and a commitment to team cohesion.
● Rich Industry Experience: You should possess a substantial 3-6 years of experience in DevSecOps and DevOps & should have worked for product-based companies (Startup/Scaleup). This extensive experience underscores your ability to navigate complex DevsecOps challenges effectively.
● Infrastructure as Code (IaC) Security: Ensuring that application configurations are secure and compliant with security policies. Performing security checks on infrastructure code (e.g., Terraform, CloudFormation) to ensure that resources are provisioned securely.
● Operating System Expertise: Your command over operating systems is particularly vital, with a strong emphasis on Linux. This expertise ensures a solid foundation for managing and optimizing system-level operations.
● DevSecOpsMethodology: By incorporating security into the DevOps workflow, DevSecOps aims to identify and mitigate security vulnerabilities more effectively, reduce the risk of security breaches, and accelerate the delivery of secure software.
● Static Application Security Testing (SAST): Scanning the code for security vulnerabilities using tools like SonarQube, Checkmarx, or Fortify as part of the build process.
● DynamicApplication Security Testing (DAST): Conducting security testing on running applications to find vulnerabilities that attackers can exploit. Tools like OWASP ZAP or Burp Suite can be integrated into the pipeline
. ● Effective Communication and Collaboration: Exceptional communication and collaboration skills are essential. You'll work closely with cross-functional teams, bridging the gap between development and operations, and ensuring smooth coordination.
● Cloud-Native Proficiency: Knowledge of security tools specific to cloud-native environments, such as container security scanners, cloud security posture management (CSPM) tools, and cloud workload protection platforms (CWPP).
● Understanding Distributed Computing: A solid grasp of Distributed Computing principles is fundamental. It enables you to design and implement systems that can handle complex, distributed workloads effectively.
● CodingProwess: Your coding skills, particularly in Bash Shell Scripting and Python, will play a pivotal role. These skills empower you to automate tasks and develop tools to enhance system reliability and efficiency.
Role:
● AssistSDEsandDevOpsteamsonsecuredeploymentandbestpractices. ● CreateaKnowledgebaseonsecurityvulnerabilitiesandtestcases.
● PerformsecuritytestingonWebandMobileassetsthroughachecklist
● WorkcloselywiththeProduct teamandSDE/QAtofixvulnerabilities/ issues faced by customers
● Performredteamandphishingexercisestoimprovesecurityposture
● Assist/mentor teammates on security test cases and day-to-day activities
● Workonincidentmanagementandthird-partysecurityreports
● Initiateandimproveresponsibledisclosure/Bugbountyprogram
●Brownbagsessionsandpresentationstothetechteamonsecuritybestpractices and improvements
● Work closely with business stakeholders and influence the security policy of the org .
Similar companies
Myraa Technologies
About the company
Jobs
0
Scry AI
About the company
Scry AI invents, designs, and develops cutting-edge technology-based Enterprise solutions powered by Machine Learning, Natural Language Processing, Big Data, and Computer Vision.
Scry AI is an R&D organization leading innovation in business automation technology and has been helping companies and businesses transform how they work.
Catering to core industries like Fintech, Healthcare, Communication, Mobility, and Smart Cities, Scry has invested heavily in R&D to build cutting-edge product suites that address challenges and roadblocks that plague traditional business environments.
Jobs
1
Aindra Labs
About the company
Jobs
1
Global AI Solutions
About the company
Jobs
0
Recreate AI
About the company
Jobs
0
One Arc Labs
About the company
Jobs
0
Essentially AI Private Limited
About the company
Jobs
0
Inscripta AI
About the company
Jobs
0
InteligenAI
About the company
Jobs