Lead and support enterprise security compliance initiatives, design and implement controls, and integrate security into development processes.
Job Description:
Experience: 9-14 Years
DevSecOps to lead and support our enterprise security, compliance, and risk management initiatives. This individual will play a key role in designing, implementing, and maintaining controls aligned with global compliance frameworks including ISO 27001, SOC 2, and NIST 800-53. The ideal candidate has a deep understanding of security engineering principles, a strong compliance mindset, and a proven track record in driving cross-functional security programs.
Key Responsibilities:
• Follow established processes for the implementation and maintenance of security controls aligned with ISO 27001, SOC 2, and NIST 800-53.
• Collaborate with security leadership to ensure adherence to ISO 27001, SOC 2, and NIST 800-53 controls and procedures.
• Collaborate with internal and external auditors to support audits, evidence gathering, and remediation efforts.
• Develop and maintain automated security and compliance monitoring tools and dashboards.
• Translate regulatory requirements into technical requirements and integrate them into the SDLC (Secure Development Lifecycle).
• Execute tasks related to the implementation and upkeep of compliance controls under ISO 27001, SOC 2, and NIST 800-53 guidance.
• Conduct gap assessments and risk analysis; define and track remediation efforts to ensure compliance readiness.
• Strong hands-on experience and understanding of Kubernetes security, including RBAC, pod security policies, network policies, and secrets management.
Required Qualifications:
• 8+ years of experience in information security or compliance engineering roles.
• Practical experience with DevOps security practices, including integrating security controls into CI/CD pipelines (GitLab CI, Jenkins, GitHub Actions, etc.)
• Strong understanding and hands-on experience with ISO 27001, SOC 2 (Type I and II), and NIST SP 800-53.
• Experience working in cloud-native environments (AWS, Azure, or GCP) with secure configuration and governance controls.
• Familiarity with cloud-native security (AWS, GCP, or Azure), container orchestration, and infrastructure-as-code tools like Terraform, Helm, or Ansible.
• Solid knowledge of access management, encryption, logging/monitoring, and network security principles.
• Demonstrated ability to lead technical initiatives, work cross-functionally, and influence at all levels.
• Excellent written and verbal communication skills with experience writing policies and technical documentation.
Preferred Qualifications:
• Professional certifications such as CISSP, CISA, CISM, ISO 27001 Lead Implementer/Auditor, or AWS Security Specialty etc.
• Experience with compliance automation platforms.
• Background in regulated industries such as fintech, healthcare, or government.
Top Skills
Ansible
AWS
Azure
Github Actions
Gitlab Ci
Jenkins
Kubernetes
Terraform
Similar Jobs
Aerospace • Information Technology • Cybersecurity • Defense • Manufacturing
Develop, maintain, and integrate software components for Flight Management Systems. Lead software projects, ensure compliance with standards, and mentor team members.
Top Skills:
Atlassian ToolsC/C++CodeEclipseGitLdraLinuxModel-Based DevelopmentPolyspacePythonReal-Time Operating Systems (Rtos)UnixVisual Studio
Aerospace • Information Technology • Cybersecurity • Defense • Manufacturing
Manage a team of software engineers focused on avionics products, develop project plans, provide mentorship, and ensure successful software deliveries.
Top Skills:
AvionicsBattery Management SystemDo178Functional IntegrationModel Based DevelopmentSoftware EngineeringValidation/Verification
Aerospace • Information Technology • Cybersecurity • Defense • Manufacturing
The Lead Software Engineer will develop, lead, and test Java Full Stack applications, ensuring alignment with system requirements while coordinating project management efforts and fostering collaboration in an Agile team environment.
Top Skills:
AngularAWSAzureCSSDockerHibernateHTMLJavaJavaScriptKubernetesNoSQLPivotal Cloud FoundrySpringSQL
What you need to know about the Delhi Tech Scene
Delhi, India's capital city, is a place where tradition and progress co-exist. While Old Delhi is known for its rich history and bustling markets, New Delhi is defined by its modern architecture. It's clear the region places a strong emphasis on preserving its cultural heritage while embracing technological advancements, particularly in artificial intelligence, which plays a central role in shaping the city's tech landscape, fueled by investments in research and development.
