Senior SecDevOps Engineer (IGT1 Lanka : CFC)

About IGT1 Lanka

IGT1 Lanka is a rapidly growing offshore technology and talent solutions company based in Port City Colombo. We are a fully owned subsidiary of IGT I Holdings Sweden AB, funded by the three of world’s leading private equity firms; EQT Group, Hg, and TA Associates. We’re also proud to be a sister company of IFS, Sri Lanka’s largest and most established technology company.

At IGT1 Lanka, we partner with global businesses to scale operations, accelerate innovation, and build world-class SaaS platforms through high-quality offshore delivery. Our people-first culture champions diversity, teamwork, and continuous learning, creating an environment where talent thrives.

With a team of over 300 professionals and counting, we are always looking for passionate, skilled individuals who want to make a global impact while being part of something extraordinary.

Through our offshore collaboration model, you'll be embedded within the team of one of our esteemed international clients, contributing directly to high-impact, enterprise-level initiatives.

About the client: CFC

CFC is a specialist insurance provider, pioneer in emerging risk and market leader in cyber. Our global insurance platform uses cutting-edge technology and data science to deliver smarter, faster underwriting and protect customers from today’s most critical business risks.

Headquartered in London with offices across Europe, USA and Australia, CFC has over 1000 employees and is trusted by more than 150,000 businesses in 90 countries. Learn more at cfc.com and LinkedIn.

Role Overview:

As a SecDevOps Engineer, you will play a key role in architecting, deploying, and maintaining security-driven automation, integrations, and platform engineering efforts that support security operations, threat intelligence, and incident response. You will work closely with the security automation team, threat intel team, software engineering, and security operations to design, build, and optimize security tooling, ensuring efficient and scalable security operations across our global infrastructure.

Key Responsibilities:

• Design, build, and maintain automation frameworks and integrations that enhance security operations, threat intelligence, and detection engineering efforts.
• Collaborate with security teams to develop and optimize security workflows, automation playbooks, and integrations between security tools, SIEMs, SOAR platforms, EDR/XDR, and case management systems.
• Engineer and maintain cloud-native security solutions in AWS, Azure, and other cloud environments, ensuring security, compliance, and scalability.
• Develop and implement Infrastructure-as-Code (IaC) solutions using Terraform, Ansible, or similar technologies to deploy and manage security tooling.
• Work closely with the software engineering and DevOps teams to embed security into CI/CD pipelines, ensuring secure code deployment and automated security testing.
• Support log aggregation, enrichment, and correlation across multiple data sources to enhance threat detection and response capabilities.
• Implement and maintain API-driven integrations between security platforms, automation tools, and threat intelligence feeds.
• Optimize security telemetry ingestion, correlation, and alerting workflows to improve security detection and response effectiveness.
• Lead engineering efforts for security tooling, ensuring alignment with overall security architecture and operational requirements.
• Conduct security assessments of automation tools and integrations, identifying gaps and implementing security enhancements.
• Partner with the security and operations teams to build and refine detection logic, response automation, and platform tuning for SOC efficiency.

Qualifications & Experience:

• 5+ years of experience in SecDevOps, Security Automation, or a related engineering role.
• Strong hands-on experience with security automation platforms (e.g., Torq, Phantom, Cortex XSOAR, or similar SOAR solutions).
• Expertise in scripting and automation using Python, PowerShell, Bash, or Go.
• Experience working with SIEMs (Splunk, Stellar Cyber, Sentinel, etc.) and designing log aggregation, correlation, and alerting workflows.
• Proficiency in cloud security engineering for AWS, Azure, or GCP, including deployment of security controls and monitoring solutions.
• Experience with Infrastructure-as-Code (IaC) tools like Terraform, Ansible, or CloudFormation.
• Strong understanding of DevOps principles and experience securing CI/CD pipelines with tools such as GitHub Actions, GitLab CI/CD, Jenkins, or similar.
• Proficiency in API development and integration, leveraging RESTful APIs, webhooks, and automation frameworks.
• Experience with container security (Docker, Kubernetes) and implementing security controls for microservices architectures.
• Familiarity with threat intelligence platforms (TIPs) and their integration with security tools.
• Knowledge of secure coding practices and ability to perform security reviews of automation code and integrations.
• Strong problem-solving skills and ability to work in a fast-paced, collaborative environment.

Preferred Qualifications:

• Experience working in an MSSP or SOC environment.
• Certifications such as AWS Certified Security – Specialty, Azure Security Engineer, GIAC GCFA/GCIA, CISSP, or OSCP.
• Experience with Kafka, Elastic Stack, or other log aggregation and analytics platforms.
• Knowledge of machine learning models for security automation and AI-enhanced security analytics.
• Background in offensive security, red teaming, or penetration testing, with a focus on automation and tool development.