Cloud DevSecOps Engineer

Job SummarySynechron is seeking an experienced Cloud DevSecOps Engineer to embed security into cloud delivery pipelines and operational workflows. This role will focus on enabling secure, automated, and scalable cloud deployments within a shared responsibility model. The successful candidate will develop and maintain secure CI/CD pipelines, integrate security controls, and support cloud automation initiatives, ensuring that security and operational excellence are integral to our cloud transformation efforts and contribute to reliable and compliant cloud environments.Technical RequirementsRequiredGit and GitHub/GitLab (version control and peer review workflows)Infrastructure‑as‑Code tools (Terraform, Bicep, ARM templates)CI/CD tools (Azure DevOps, Jenkins, GitHub Actions)Security tools (Static Application Security Testing—SAST, Dynamic Application Security Testing—DAST, IaC scanning tools such as Checkov or tfsec)Secrets management systems (Azure Key Vault, HashiCorp Vault)PreferredCloud security and compliance monitoring tools (Azure Security Center, AWS Security Hub)Container orchestration (Kubernetes, AKS)Configuration management tools (Ansible, Chef, Puppet)Overall ResponsibilitiesDesign, build, and continuously improve secure CI/CD pipelines integrated with security controls such as code scanning, secrets management, and infrastructure scanning.Automate cloud infrastructure provisioning and deployment using Infrastructure‑as‑Code.Embed security practices like vulnerability scanning, secrets management, and compliance validation into delivery workflows (shift‑left security).Establish and promote standardized deployment patterns to improve reliability and operational risk mitigation.Support application teams with automation initiatives, cloud migrations, and performance optimization.Collaborate with platform, security, and operations teams to enhance security posture, pipeline integrity, and operational efficiency.Monitor pipeline and platform security, troubleshoot issues, and implement continuous improvement processes.Technical Skills (By Category)Programming LanguagesRequired: Bash, PowerShell scriptingPreferred: Python, YAML, GroovyDatabases / Data ManagementNot typically core; familiarity with cloud‑native database security best practices (Azure SQL, Cosmos DB) is advantageous.Cloud TechnologiesRequired: Azure cloud services (Azure DevOps, Azure Security Center, Key Vault, AKS, and other Azure infrastructure components)Preferred: Multi‑cloud awareness (AWS, GCP) and hybrid cloud integrations.Development Tools and MethodologiesRequired: Git, Azure DevOps, Jenkins, GitLab, CI/CD pipeline design, Agile/Scrum practicesPreferred: GitOps principles, Infrastructure‑as‑Code practices, DevSecOps frameworks.Security ProtocolsRequired: Security best practices in cloud environments, secrets management, access controls, vulnerability scanning, compliance standards (ISO, SOC, GDPR).Preferred: Implementation of security guardrails, API security, and automated compliance validation.Experience Requirements5 to 6 years of hands‑on experience in cloud engineering and DevOps/SecOps roles.Proven expertise in building and managing secure automation pipelines in cloud environments, especially Azure.Deep understanding of CI/CD principles, GitOps, and infrastructure as code.Experience integrating security controls such as code scans, IaC scans, secrets management, and compliance checks into automated workflows.Industry experience in regulated sectors or enterprise‑scale cloud deployments highly preferred.Alternative pathways include extensive DevOps experience in other cloud providers coupled with strong Azure security proficiency.Day‑to‑Day ActivitiesDevelop, implement, and optimize secure CI/CD pipelines aligned with best practices and governance standards.Automate cloud infrastructure deployment using IaC, ensuring security and compliance are embedded from the start.Conduct security assessments of pipelines, identify vulnerabilities, and implement mitigation strategies.Collaborate with development teams for automation, migrations, and operational enhancements.Participate in security reviews, continuous improvement initiatives, and incident troubleshooting sessions.Maintain documentation of pipeline configurations, security controls, and deployment standards.Regularly review pipeline practices to enhance reliability, security, and operational efficiency.QualificationsBachelor’s degree in Computer Science, Information Technology, or related field; equivalent professional experience acceptable.Certifications such as Certified DevSecOps Engineer, Azure Security Engineer Associate, or equivalents are preferred.Formal training or certifications in cloud security, infrastructure as code, or related disciplines are advantageous.Commitment to ongoing learning and staying current with DevSecOps best practices and cloud security advancements.Professional CompetenciesAnalytical mindset with strong problem‑solving skills.Leadership in