The DevSecOps Engineer is responsible for designing, developing, and executing DevSecOps practices that seamlessly integrate Development, Security, and Operations.
The primary objective is to guarantee the construction and deployment of secure, reliable, and fast systems and applications, achieving an optimal balance between operational efficiency and stringent cybersecurity requirements.
Key Responsibilities & Periodic Tasks CI/CD Pipeline Architecture: Design, implement, and maintain continuous integration and continuous delivery (CI/CD) pipelines with embedded, automated security gates.
Deployment Automation: Automate deployment, testing, and system monitoring processes using industry-standard DevOps tools (e.
g., Jenkins, GitLab CI/CD, Azure DevOps).
Security Integration: Seamlessly integrate cybersecurity validation tools into the software development lifecycle (SDLC), specifically Static & Dynamic Application Security Testing (SAST/DAST) and source code analysis.
Infrastructure Management: Monitor cloud and hybrid infrastructure setups, ensuring absolute alignment with organizational security benchmarks and compliance standards.
Containerization & Orchestration: Manage containerized environments and enterprise orchestration platforms (Kubernetes, Docker).
Infrastructure as Code (IaC): Contribute to and implement scalable IaC strategies utilizing automation tools such as Terraform and Ansible.
Performance & Vulnerability Monitoring: Oversee system performance, track resource utilization, and ensure early identification, isolation, and remediation of security vulnerabilities.
Cross-Functional Collaboration: Partner closely with software development, cybersecurity, and core infrastructure teams to guarantee flawless component integration.
Reporting & Optimization: Generate periodic operational reports covering system health, security compliance metrics, and deployment delivery performance.
Stay current with emerging DevSecOps trends to continuously mature the ecosystem.
Key Performance Indicators (KPIs) & Reporting Metrics Continuous monitoring of software releases, builds, and live deployment cycles.
Measurable optimization and throughput efficiency of automated pipelines.
Documentation of all infrastructure/application changes, patches, and version releases.
Adherence to strict incident response and technical support resolution metrics defined in the tender’s Service Level Agreement (SLA).
Medical Insurance Social Insurance Iqama Issuing Air tickets Bachelor’s degree in Information Technology, Software Engineering, Computer Science, or a closely related technical field.
Minimum of 3+ years of proven, hands-on experience in DevOps engineering, operations architecture, or systems development.
Robust knowledge of Source Code Management (SCM) systems (Git, GitHub, GitLab).
Practical experience managing container environments and enterprise cloud infrastructures (AWS, Azure, GCP).
Foundational mastery of application security, network security, and local/international compliance frameworks (e.
g., Saudi NCA standards , ISO 27001, NIST).
Preferred Professional Certifications: Certified Kubernetes Administrator (CKA) AWS Certified DevOps Engineer / Azure DevOps Engineer Expert DevSecOps Foundation (or equivalent validation) Certified Ethical Hacker (CEH) or CompTIA Security+ (to validate the cybersecurity focus)
