Sr. DevSecOps Engineer

Job Description
Role: Sr. DevSecOps Engineer
Location: Bangalore
Working Hours: 12-9PM
Working Model: Hybrid
Intro:
As a DevSecOps engineer, you will provide technical leadership in the DevSecOps areas of Vulnerability Scanning, Certificate Management, Password Policy Management, Infrastructure As code for Cloud Resource Provisioning, Data Analysis of security monitoring outputs, coordination of Remediation Patching, and other daily Security and Compliance efforts. Additionally, you will assist in developing an automated security framework for robust deployment tools and processes, leveraging various scripting languages and open-source solutions.
Some of the things you will be doing:

• Familiarity with DevSecOps ecosystem: Terraform, Ansible, GitHub, Jenkins, Azure DevOps, SAST, DAST & SCA
• Terraform, Ansible and AWS, Azure Architecture, Network and Security Certifications.
• Familiarity with API Security, Container Security, AWS and Azure Cloud Security
• Knowledge of Cloud Resource Provisioning, Cloud Network and Architecture, Cloud Standards and Policies.
• Experience with AWS and Azure Policy, Configuration, and Security Management tools.
• Experience with security automation, Cloud resource provisioning.
• Expertise in programming and scripting languages like Python, NodeJS, SQL query, bash, powershell, and Java.
• Experience with Vulnerable Code remediation.
• Experience with Vulnerability Management and executive reporting using PowerBI.

What technical skills, experience, and qualifications do you need?

• Prior experience (8-10 years) in a Production Engineering or related position.
• Experience working with Developers, DevOps, and Engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
• Experience coordinating and performing vulnerability assessments through the use of automated and manual tools (SAST, DAST, IAST etc).
• Ability to review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and application's and determine any reported vulnerabilities that are false positives.
• Capability to prepare security vulnerability and risk management reports for management.
• Leadership and teaming skills to coordinate remediation of vulnerabilities within established timeframes.
• Experience generating and providing executive reports for vulnerability management across DevSecOps Security Products.
• Proficiency in Java Programming, Bash, Powershell, Python, Terraform or other scripting languages.
• Familiarity with Information Security frameworks/standards (i.e. CIS, NIST, RFC2196, etc).
• Comprehension in the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, Security and Monitoring tools, etc.
• Experience configuring, implementing, and leveraging computer security and networking diagnostic/monitoring tools.
• Knowledge of Windows and Linux patch management and related information security functions (authentication, encryption, iptables, SSL, Ciphers, etc)
• Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.
• Support code reviews across all code platforms
• Manage security integration into the SDLC process at CSC
• Help evolve CSC's application security functions and services
• Responsible for Security bug intake and remediation process for CSC
• Responsible for leading the remediation of application vulnerability scanning and penetration testing
• Manage integration with Static Application Security Testing (SAST) Software Composition Analysis (SCA), Dynamic Application Security Testing (DAST), Infrastructure as a Code (IaC) scanning, Secret Scanning, and Container Image scanning.
• Identify security exposures and develop mitigation plans
• Identify, report and fix technical debt.
• Assist Manager of Application Security on all application security activities
• Become a representative for the CSC Information Security program
• Be productive and participate in security initiatives with minimal supervision.
• Becomes a subject matter expert for security solutions within the CSC platform, knowledge of SANS 25 and Owasp Top 10.
• Be able to act as a mentor for junior dev, devops and security engineers
• Use the tools and technologies used throughout CSC InfoSec.
• Own and document medium/large epics and follow through until completion.
• Present security solutions to a larger CSC audience.
• Troubleshoot issues and performance bottlenecks.
• Follow Security best practices.
• Collaborate with cross functional teams (Engineering, DevOps, Product) while carrying out day-to-day tasks.
• Participate in requirement gathering with Product/SRE/InfraServices.
• Collaborate with cross Business Unit teams (CLS, DBS, Corp Tax, TBS) on implementing standardized security solutions and integrations.
• Participate in inner sourcing/procurement initiatives within CSC.

What technical skills, experience, and qualifications do you need?

• Strong experience with BI Design and Development for Vuln. Mgmt
• BE/BTech Degree
• Strong experience in distributed platform development and design
• Strong foundation in core information security principles and goals.
• Proven expertise in enterprise security solutions.
• Knowledge on common and emerging security threats.
• In-depth knowledge of security best practices.
• Ability to assist in leading the InfoSec team
• Exceptional analytical aptitude and attention to detail.
• Ability to lead and project drive multiple security initiatives.
• Excellent communication skills.
• Ability to explain complex security topics in simple language
• Ability to work with Senior Leadership.
• Fast learner / A strong willingness to learn.
• Good team player who is self-motivated and well organized.

About Us
CSC is a global business, legal, and financial services company based in Wilmington, Delaware, USA, providing knowledge-based solutions to clients worldwide. We have offices and capabilities in over 140 jurisdictions in the Americas, Europe, Asia Pacific, and the Middle East, and more than 8,000 colleagues. We are the business behind business.®
Visit our careers site to learn more about CSC and our commitment to our clients, communities, and each other.
CSC is committed to creating a feeling of belonging through a diverse and growth-oriented environment where everyone is valued.
CSC colleagues have global career opportunities and excellent benefits, including annual success-sharing bonuses or commission plans based on individual performance. To learn more, visit cscglobal.com/service/careers.
We offer a range of support to colleagues with disabilities, ensuring people have the necessary resources to thrive in their roles. We encourage candidates to work closely with our talent acquisition partners to convey their specific needs. Our commitment to accessibility reflects our broader dedication to diversity and belonging,
CSC only accepts resumes from employment agencies that are part of our approved supplier program. Resumes submitted from other agencies either to talent acquisition, our hiring leaders, employees, or through any other mechanism other than our supplier process, will not be eligible to claim related fees and the submitted resumes will be considered property of CSC.
We encourage candidates to apply directly to our website and not through third-party sources.
Disclaimer: The information above describes the general nature and level of work performed by employees in this role. It is not intended to describe all duties, responsibilities, and qualifications.
About the Team
At CSC, we don't just keep businesses running-we help them thrive. For more than 125 years, we've been the trusted partner for 90% of the Fortune 500®, leading financial institutions and businesses worldwide. As the global leader in business, legal, financial, and digital brand services across 140+ jurisdictions, we set industry benchmarks through innovation, integrity, and excellence.
Privately held and professionally managed since 1899, CSC is the business behind business®, delivering knowledge-based solutions from our headquarters in Wilmington, Delaware, USA, to clients across the globe. Our success is built on a people-first culture that fosters growth, collaboration, and agility. Recognized as a Top Employer in India, we are committed to creating an exceptional workplace where talent flourishes.
Important notice: CSC only accepts resumes from agencies in our approved supplier program. Resumes submitted through unauthorized sources-including direct submissions to hiring leaders or employees-will be considered property of CSC, with no fees eligible for claims. We encourage candidates to apply through our website for a seamless hiring experience.
\uD83D\uDD17 Explore opportunities: [CSC Careers link]
Why work for us?
At CSC, we invest in your growth, well-being, and success. Here's what sets us apart:

• Global legacy: Join a powerhouse shaping industries worldwide.
• Career growth and mobility: Access internal promotions, leadership programs, and skill-building opportunities to accelerate your career.
• Recognition and rewards: Enjoy performance-based bonuses, and employee recognition programs.
• Work-life balance: Benefit from hybrid work models and state-of-the-art collaborative spaces.
• Continuous learning: Gain tuition reimbursement, professional certifications, and expert-led development programs in leadership, technical skills, and more.
• Inclusive culture: Be part of a workplace where diversity, equity, and belonging fuel innovation and success.
• Community impact: Make a difference through CSC Gives Back, including our partnership with Kiva, to empower underserved communities through microloans.

Join CSC and shape the future in a dynamic, global environment where your contributions drive success.
Disclaimer: This job description serves as a general guideline and may evolve based on business needs.