Senior DevSecOps Engineer

Job Title: Senior DevSecOps EngineerLocation: India (Remote)
Employment Type: Full-Time
Department: Customer Operations
Platform9 is a leader in simplifying enterprise private clouds. Our flagship product, Private Cloud Director, turns existing infrastructure into a full-featured private cloud. Enterprise IT teams can manage VMs and containers with familiar GUI tools and automated APIs in a private, secure environment.
Enterprises are selecting Platform9's Private Cloud Director to migrate away from legacy virtualization platforms because it meets all of the following enterprise requirements: 
- Familiar VM management experience 
- Critical enterprise virtualization features: HA, DRR, networking, scale, reliability 
- Compatibility with all existing hardware environments, including 3rd-party storage
- Automated migration tooling that lowers cost barrier by 10x
Platform9 was founded by a team of VMware cloud pioneers and has over 30,000 nodes in production at some of the world’s largest enterprises, including Cloudera, EBSCO, Juniper Networks, and Rackspace. Platform9 is an inclusive, globally distributed company backed by prominent investors, committed to driving private cloud innovation and efficiency
 About the Role

We are seeking an exceptional Senior DevSecOps Engineer to lead the design, implementation, and oversight of our company’s security posture across infrastructure, software delivery, and operational practices. This is a senior technical role that blends deep cloud native engineering skills with strong strategic and leadership capabilities in cybersecurity.

You’ll serve as a key security authority, responsible for embedding security into every layer of our technology stack, while also helping define our broader security strategy and risk management posture. You’ll work cross-functionally with Engineering, DevOps, Product, and Executive Leadership to ensure security is not just an add-on but a core component of how we build and operate.

This role is perfect for someone ready to step into a Principal Architect-track position while remaining hands-on with modern cloud-native and infrastructure-as-code technologies.
 

Key ResponsibilitiesStrategic Leadership

• Define and drive the organization’s security strategy across infrastructure, application, and operational domains.
   
• Serve as a subject matter expert in security to executive leadership and participate in strategic risk and compliance planning.
   
• Develop and maintain the company’s overall security posture, policies, frameworks, and roadmaps.
   
• Lead security architecture reviews, threat modeling, and enterprise risk assessments.
   

DevSecOps Execution

• Integrate security across the entire software development lifecycle (SDLC), including CI/CD pipelines, IaC templates, and container orchestration platforms.
   
• Establish and automate controls for static and dynamic code analysis, vulnerability scanning, dependency management, and container image validation.
   
• Enforce and evolve security baselines for systems, services, and infrastructure (e.g., Kubernetes, OpenStack, Linux).
   
• Design and operate secure identity, secrets management, and privileged access control systems (e.g., HashiCorp Vault, SSO, RBAC) and ensure the product code base adheres to best practices.
   
• Drive secure configuration management and implement zero-trust principles.
   

Monitoring, Response, and Compliance

• Define incident detection and response processes, tools, and runbooks; support investigation and remediation of incidents.
   
• Shape and define compliance team’s initiatives to support audits and demonstrate alignment with frameworks such as SOC2, ISO 27001, NIST, or CIS.
   
• Lead security awareness initiatives and build a security-first culture throughout the organization.