<p>Roles & Responsibilities</p> <ol> <li>Secure SDLC & Application Security · Embed security controls at every stage of the SDLC. </li></ol> <ul> <li>Conduct threat modeling, secure code reviews, and risk assessments. </li><li>Implement SAST, DAST, SCA tools and interpret results for development teams. </li><li>Enforce secure coding standards and promote security-first development culture. </li></ul> <ol start="2"> <li>CI/CD Pipeline Security </li></ol> <ul> <li>Build and maintain secure CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Azure DevOps). </li><li>Automate security scanning and policy enforcement in build and deployment workflows. </li><li>Integrate secrets management and environment hardening into pipelines. </li></ul> <ol start="3"> <li>Cloud & Infrastructure Security </li></ol> <ul> <li>Implement Infrastructure as Code (IaC) security reviews using Terraform, CloudFormation, ARM, or Pulumi. </li><li>Validate and enforce cloud security best practices (AWS, Azure, GCP). </li><li>Deploy and maintain cloud-native security tools such as AWS GuardDuty, Azure Defender, GCP SCC. </li></ul> <ol start="4"> <li>Container & Kubernetes Security </li></ol> <ul> <li>Build secure container images and manage scanning (Trivy, Aqua, Clair, Prisma Cloud). </li><li>Enforce Kubernetes hardening controls (RBAC, network policies, pod security). </li><li>Monitor cluster security posture and remediate vulnerabilities. </li></ul> <ol start="5"> <li>Security Automation & Tooling </li></ol> <ul> <li>Develop automated playbooks/scripts using Python, Bash, or PowerShell. </li><li>Integrate SIEM/SOAR platforms with build/deployment workflows. </li><li>Automate vulnerability management workflows and remediation processes. </li></ul> <ol start="6"> <li>Compliance & Governance </li></ol> <ul> <li>Support adherence to NIST, ISO 27001, SOC 2, PCI-DSS, and internal security policies. </li><li>Implement guardrails and policy-as-code using OPA, Conftest, or AWS/Azure policy engines. </li><li>Produce audit-ready documentation and reporting. </li></ul> <ol start="7"> <li>Monitoring & Incident Response </li></ol> <ul> <li>Integrate security telemetry into pipelines and cloud environments. </li><li>Respond to and triage security incidents related to CI/CD, code, or cloud workloads. </li><li>Conduct root-cause analysis and implement preventative measures. </li></ul> <p>Experience Required 10+ yrs</p> <p>Required Skills & Qualifications</p> <ul> <li>3-7+ years experience in Cybersecurity, DevSecOps, or Cloud Security roles. </li><li>Strong programming/scripting abilities (Python, Go, Bash, or PowerShell). </li><li>Hands-on experience with CI/CD tools and automation. </li><li>Solid understanding of security vulnerabilities such as OWASP Top 10, CWE, CVE. </li><li>Experience with containers and Kubernetes security. · Familiarity with microservices, APIs, and distributed systems. </li><li>Knowledge of cloud networking, identity, secrets management, and encryption. </li></ul> <p>Salary Range: $95,000 - $130,000 a year</p> <ul> <li>#LI-NR3 </li></ul> <p>TCS Employee Benefits Summary:</p> <ul> <li>Discretionary Annual Incentive. </li><li>Comprehensive Medical Coverage: Medical & Health, Dental & Vision, Disability Planning & Insurance, Pet Insurance Plans. </li><li>Family Support: Maternal & Parental Leaves. </li><li>Insurance Options: Auto & Home Insurance, Identity Theft Protection. </li><li>Convenience & Professional Growth: Commuter Benefits & Certification & Training Reimbursement. </li><li>Time Off: Vacation, Time Off, Sick Leave & Holidays. </li><li>Legal & Financial Assistance: Legal Assistance, 401K Plan, Performance Bonus, College Fund, Student Loan Refinancing. </li></ul>