DevSecOps Engineer

About the Role

As a DevSecOps Engineer at Naveera, you'll build and strengthen the security foundation across our cloud infrastructure, CI/CD systems, application delivery workflows, and internal engineering operations. You will work at the intersection of security, DevOps, and platform engineering to ensure our environments are secure by default, continuously validated, and resilient as we scale. This role is ideal for someone who understands how modern infrastructure is built and deployed, can identify and reduce risk across the stack, and can turn security practices into practical systems that engineers can actually use.

Responsibilities

• Own security across cloud infrastructure, CI/CD pipelines, Kubernetes environments, and platform operations
• Design and implement secure-by-default infrastructure, deployment, and access control patterns across engineering systems
• Harden cloud environments, workloads, secrets handling, IAM configurations, and network boundaries
• Integrate security checks into CI/CD pipelines, including code scanning, dependency scanning, secret scanning, container scanning, and policy enforcement
• Build and maintain security guardrails for Terraform, Kubernetes, cloud services, and application deployment workflows
• Monitor, investigate, and respond to security findings across infrastructure, pipelines, containers, and production systems
• Work closely with engineering teams to remediate vulnerabilities, reduce exposure, and improve secure development practices
• Define and enforce policies for secrets management, least-privilege access, environment separation, and secure service-to-service communication
• Support incident response, forensic investigation, and post-incident hardening for security-related events
• Evaluate and improve logging, auditability, alerting, and observability from a security operations perspective
• Help establish security standards, review processes, and engineering playbooks for secure releases and operational changes
• Collaborate with backend, frontend, DevOps, and product teams to balance security, reliability, and delivery speed

Required Qualifications

• 3+ years of experience in DevSecOps, cloud security, security engineering, infrastructure security, or related roles
• Strong understanding of modern cloud and infrastructure security principles
• Hands-on experience with CI/CD pipeline security, secrets management, IAM, and access control design
• Experience securing Kubernetes environments and containerized workloads in production
• Experience with infrastructure as code, especially Terraform, and ability to review or build secure infrastructure patterns
• Strong understanding of vulnerability management across code, dependencies, containers, and cloud configurations
• Experience with security tooling such as SAST, DAST, dependency scanning, container scanning, and secret scanning
• Ability to investigate security findings and work pragmatically with engineers to remediate issues
• Strong scripting or coding ability in at least one language such as Python, Go, Bash, or similar
• Strong understanding of networking fundamentals, TLS, certificates, authentication, authorization, and secure communications
• Ability to write clear documentation, standards, and technical guidance for secure engineering practices

Preferred Qualifications

• Experience with Oracle Cloud Infrastructure in production environments
• Experience securing Kubernetes clusters, ingress layers, service meshes, and cloud-native workloads
• Familiarity with GitHub Advanced Security, Snyk, Trivy, Semgrep, Checkov, or similar security tools
• Experience implementing policy-as-code, admission controls, runtime security, or compliance automation
• Experience with SOC 2, HIPAA, or other security/compliance-oriented environments
• Experience with incident response, threat modeling, security reviews, and infrastructure hardening at scale
• Familiarity with observability and SIEM tooling such as Datadog, Grafana, ELK, Loki, or similar
• Experience working in startup environments where security needs to scale alongside product and infrastructure growth