Staff DevSecOps Engineer

Job Description:

We are Omnissa! 

The world is evolving fast, and organizations everywhere—from corporations to schools—are under immense pressure to provide flexible, work-from-anywhere solutions. They need IT infrastructure that empowers employees and customers to access applications from any device, on any cloud, all while maintaining top-tier security. That’s where Omnissa comes in. 
 

The Omnissa Platform is the first AI-driven digital work platform that enables smart, seamless and secure work experiences from anywhere. It uniquely integrates multiple industry-leading solutions including Unified Endpoint Management, Virtual Apps and Desktops, Digital Employee Experience, and Security & Compliance through common data, identity, administration, and automation services. Built on the vision of autonomous workspaces - self configuring, self-healing, and self-securing - Omnissa continuously adapts to the way people work; delivering personalized and engaging employee experiences, while optimizing security, IT operations and costs. we're experiencing rapid growth—and this is just the beginning of our journey!
 

At Omnissa, we’re driven by a shared mission to maximize value for our customers. Our five Core Values guide us: Act in Alignment, Build Trust, Foster Inclusiveness, Drive Efficiency, and Maximize Customer Value—all with the aim of achieving shared success for our clients and our team. 
 

As a global private company with over 4,000 employees, we’re always looking for passionate, talented individuals to join us. If you're ready to make an impact and help shape the future of work, we’d love to hear from you! 

What is the opportunity?:
As a Staff DevSecOps Engineer, you will be responsible for technical leadership in securing our infrastructure, applications, and development pipelines. You will architect, design, and implement security solutions utilizing best-in-class services and tools across cloud and hybrid environments. You will lead initiatives to integrate security into our CI/CD pipelines, automate compliance processes, and cultivate a culture of security excellence.
Here is a breakdown:

• Technical Leadership: Provide strategic guidance to engineering teams on security and DevSecOps best practices. Mentor team members and ensure alignment to organizational security goals.

• Secured Infrastructure Design & Implementation: Design and deploy secure infrastructure components using tools such as WAF, firewalls, intrusion detection/prevention systems, and major cloud service provider offerings (AWS, Azure, GCP, etc.).

• CI/CD Security Integration: Enhance and automate security controls in CI/CD pipelines for efficient, secure software delivery. Advocate for secure delivery principles across microservices architectures including Kubernetes, Docker, and cloud-based platforms.

• Security Configuration Standards & Refinement: Develop, optimize, and enforce standards to protect applications and systems. Implement and periodically review security configurations based on industry best practices.

• Vulnerability Management: Establish and execute strategies for the identification, mitigation, and remediation of vulnerabilities. Champion shift-left security practices and leverage tools such as SCA, SAST, and runtime scanning in cloud environments.

• Security and Compliance Automation: Design and implement automation for security and compliance processes leveraging frameworks such as Ansible, Terraform, and others.

• Threat Modeling & Risk Assessment: Conduct comprehensive threat modeling (e.g., STRIDE, PASTA, Attack Trees) for new and existing services, communicate security requirements, and provide actionable risk mitigation recommendations.

• Incident Detection & Response: Collaborate with cross-functional teams to swiftly address and remediate security incidents. Drive improvements to incident response processes with a focus on quick decision-making and problem-solving.

• Security Advocacy & Training: Promote a security-first culture through advocacy, training sessions, and security awareness campaigns for developers and staff.

• Security Research & Testing: Continuously evaluate the latest security trends and testing methodologies, maintaining expertise in relevant security testing tools and frameworks such as MITRE ATT&CK and OWASP.

What will you bring to Omnissa? (List required / preferred skills)

• Proven experience designing and securing infrastructure components such as WAFs, firewalls, and cloud-native security controls.
• Proficiency with CI/CD practices, platform automation (Ansible, Terraform), container orchestration technologies, and secure software delivery.
• Deep understanding of security standards, frameworks (MITRE ATT&CK, OWASP), and best practices for application/system hardening.
• Hands-on experience with vulnerability management (SCA, SAST, dynamic/runtime tools).
• Familiarity with threat modeling frameworks and processes. Ability to communicate security risk and remediation to development teams.
• Strong incident response skills, with a continuous improvement mindset.
• Excellent communication, presentation, and technical writing skills. Demonstrated passion for security and knowledge-sharing.
• Lifelong learner: keen awareness of current trends in security, cloud, and DevSecOps.
• Strong coding skills in Python or any other scripting languages
• Expertise in public cloud platforms, preferably Azure
• Strong proficiency in Infrastructure as Code using Terraform

Location: Bangalore
Location Type: HYBRID
Travel Expectations: NA

What is the leadership like for this role? What is the structure and culture of the team like? 
This role offers hands-on technical leadership within a collaborative, high-impact engineering team. You’ll work across platform pods focused on Supply chain Security, infrastructure security, and guiding DevSecOps modernization and reliability efforts. The team operates in a hybrid agile model with a culture rooted in openness, blameless learning, and security-first thinking. You’ll be expected to lead by influence, mentor engineers, and drive strategic decisions that improve scalability, resilience, and developer productivity.

Omnissa’s commitment to diversity & inclusion:
Omnissa is committed to continuing their mission to build a diverse and inclusive workforce that reflects the communities we serve across the globe. Fostering inclusiveness is one of our key values, that acts as a bedrock of our operational model and culture.