Senior DevSecOps Engineer

Supply Wisdom: Senior DevSecOps Engineer  
 

Location: Hybrid Position based in Bangalore 
 

Supply Wisdom is a global leader in transformative risk intelligence, offering real-time insights to enhance security and regulatory compliance. Our AI-based SaaS products cover various risk domains, including financial, cyber, operational, ESG, compliance, and locations. With a diverse global workforce, Supply Wisdom proudly supports clients across Fortune 100 and Global 2000 firms in sectors like financial services, insurance, healthcare, and technology.   

Objective 
 
We are looking for a seasoned Senior DevSecOps Engineer with deep expertise in AWS to lead our efforts in building secure, scalable, and automated cloud infrastructure. This role will be instrumental in embedding security into our DevOps workflows and ensuring compliance across our AWS environments. 
 
Responsibilities:

• AWS Infrastructure Security: Design and implement secure architectures using AWS services such as EC2, S3, IAM, VPC, CloudTrail, GuardDuty, Security Hub, and KMS. 

• Design and enforce least privilege access, network segmentation, and secure connectivity models (Transit Gateway, VPC Peering, PrivateLink). 

• CI/CD Pipeline Hardening: Integrate security tools and checks into CI/CD pipelines (e.g., GitHub Actions, GitLab CI, Jenkins) to enforce secure code and deployment practices. 

• Integrate SAST, DAST, SCA, and IaC scanning into pipelines. 

• Enforce secrets detection, artifact signing, and SBOM generation in build workflows. 

• Infrastructure as Code (IaC): Develop and maintain secure IaC templates using Terraform or AWS CloudFormation. 

• Container Security: Secure Docker and Kubernetes workloads running on AWS (EKS), including image scanning, runtime protection, and RBAC policies. 

• Monitoring & Logging: Set up and manage AWS-native monitoring tools (CloudWatch, CloudTrail) and integrate with third-party solutions like Datadog or ELK for security observability. 

• Vulnerability Management: Automate vulnerability scanning and remediation across cloud resources and application layers. 

• Build custom tooling/scripts for proactive detection and response. 

• Integrate continuous vulnerability assessments across EC2, EKS, and serverless workloads. 

• Compliance & Governance: Ensure AWS environments meet compliance standards such as SOC 2, ISO 27001, and GDPR. Implement automated guardrails and policy enforcement using AWS Config and SCPs. 

• Automate compliance checks using AWS Config, Control Tower, and SCPs. 

• Deliver audit-ready evidence dashboards for security and compliance posture. 

• Security Automation: Build custom scripts and tools to automate security tasks, alerts, and reporting. 

• Develop incident response automation (Lambda/Step Functions auto-remediation). 

• Collaboration & Mentorship: Work closely with development, operations, and security teams to promote a DevSecOps culture. Mentor junior engineers and conduct security training sessions. 

Qualifications:

• 6+ years of experience in DevOps, Cloud Security, or Infrastructure Engineering. 

• 4+ years of hands-on experience with AWS services and security best practices. 

• Strong proficiency in scripting languages (Python, Bash, etc.). 

• Experience with containerization (Docker) and orchestration (Kubernetes/EKS). 

• Familiarity with security tools like Snyk, Aqua, Prisma Cloud, HashiCorp Vault, etc. 

• Deep understanding of IAM, network security, encryption, and secure access patterns. 

• Experience with IaC tools (Terraform, CloudFormation) and version control systems (Git). 

• Knowledge of compliance frameworks and secure SDLC principles. 
  
  

Preferred Qualifications:

• AWS Certified Security – Specialty or other relevant AWS certifications. 

• Experience with zero-trust architecture and cloud-native security models. 

• Exposure to multi-account AWS environments and landing zone setups. 

• Familiarity with DevSecOps maturity models and risk assessment methodologies. 
   

We offer a flexible and vibrant work environment; a global team filled with passionate and fun-loving people coming from diverse cultures and background. 

If you are looking to make an impact in delivering market-leading risk management solutions, empowering our clients, and making the world a better place, then Supply Wisdom is the place for you. You can learn more on supplywisdom.com and  LinkedIn.