This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Sr. DevSecOps Engineer based in India.
This role sits at the intersection of software engineering, cloud infrastructure, and cybersecurity, with a strong focus on embedding security into every stage of the development lifecycle. You will play a key role in designing and securing cloud-native systems that support large-scale, mission-critical applications in the corporate travel domain. The environment is highly collaborative, working closely with development, DevOps, and security teams to strengthen secure delivery practices. You will help build and maintain automated security controls across CI/CD pipelines while ensuring compliance with global standards such as PCI-DSS, GDPR, and SOC 2. This position is ideal for someone who brings a developer mindset into security engineering and thrives in fast-paced, distributed teams. You will also contribute to shaping a strong security-first engineering culture across the organization. The role offers exposure to modern cloud technologies, automation frameworks, and enterprise-scale security challenges.
Accountabilities:
In this role, you will be responsible for designing and maintaining secure, scalable DevSecOps practices across the software delivery lifecycle. You will integrate security into CI/CD pipelines, ensuring continuous protection from development through production. Key responsibilities include:
- Designing, implementing, and maintaining secure CI/CD pipelines with embedded security testing at every stage of delivery
- Implementing and managing automated security scanning tools such as SAST, DAST, SCA, and container security solutions
- Supporting API security tooling and ensuring consistent reporting across security aggregation platforms
- Collaborating with development teams to embed secure coding practices and reduce vulnerabilities early in the lifecycle
- Ensuring adherence to compliance frameworks such as PCI-DSS, GDPR, SOC 2, and other industry standards
- Working closely with cloud and infrastructure teams to strengthen IAM, encryption, network security, and secrets management
- Mentoring junior engineers and driving a security-first mindset across engineering and DevOps teams
- Supporting continuous improvement of security posture across cloud-native environments and distributed systems
Requirements
This role requires strong software engineering fundamentals combined with hands-on DevSecOps and cloud security expertise. You should be comfortable working in modern cloud-native ecosystems and securing complex distributed systems. Key requirements include:
- 5+ years of software development experience in Python, Go, Java, JavaScript/TypeScript, or similar
- 3+ years of hands-on experience in DevSecOps or security engineering roles
- Strong understanding of OWASP principles and secure application development practices
- Deep expertise in cloud security across AWS, Azure, or GCP environments
- Experience with API security tools and platforms such as WAFs, Akamai, Cloudflare, or similar solutions
- Strong knowledge of CI/CD tools including Jenkins, GitHub Actions, GitLab CI, or CircleCI
- Hands-on experience with Infrastructure as Code tools such as Terraform, CloudFormation, or Ansible
- Solid understanding of cloud-native security domains including IAM, encryption, network security, and secrets management
- Strong communication skills with the ability to influence both technical and non-technical stakeholders
- Experience in compliance-driven environments and security auditing is highly desirable
Benefits
- Flexible benefits package including health insurance, retirement plans, parental leave, and wellbeing support
- Travel-related employee perks and discounts across global travel services
- Access to extensive learning platforms with 20,000+ courses and continuous upskilling opportunities
- Internal mobility and career development opportunities across global teams
- Inclusive work culture with employee resource groups and collaboration networks
- Strong emphasis on work-life balance and flexible working arrangements
- Exposure to large-scale cloud-native systems in a global enterprise environment.