Job Description
About the Role
Location: Remote | Bangalore
Employment Type: Full-Time
Working Hours overlap with the USA team
At LeanSys Pvt. Ltd., we're looking for a Lead DevSecOps Engineer to lead our security testing initiatives for cloud applications hosted on Azure and AWS. You'll own a security strategy while integrating security practices across our software development lifecycle. Drive compliance readiness and build resilience against cyber threats.
What You'll Do
Security Testing & Vulnerability Management
- Execute comprehensive Vulnerability Assessment and Penetration Testing (VAPT) across network assets, servers, firewalls, endpoints, and cloud services
- Identify misconfigurations, patch gaps, and exploitable vulnerabilities across Azure and AWS environments
- Perform regular penetration tests and security assessments
- Apply patches, recommend fixes, and drive security improvements
Compliance & Certification
- Lead PCI DSS certification efforts for cloud-hosted applications
- Implement and enforce security policies aligned with SOC2, PCI DSS, and GDPR standards
- Conduct internal audits and support external compliance assessments
- Maintain detailed documentation of security configurations, risk assessments, and audit trails
Architecture & Design
- Define security testing strategy and roadmap
- Develop security architectures for new systems and cloud deployments
- Integrate security controls into software and CI/CD pipelines
- Configure and manage firewalls, VPNs, IDS/IPS systems
Threat Monitoring & Incident Response
- Monitor network traffic and cloud environments for malicious activity
- Investigate security breaches and coordinate incident response
- Develop and maintain incident response playbooks
- Lead forensic analysis and ensure rapid recovery from security events
What You'll Deliver
- Security assessment and vulnerability reports with severity ratings
- Remediation recommendations and prioritized action plans
- Executive summary reports for leadership and auditors
- PCI DSS compliance documentation and certification support
- Quarterly security architecture reviews
What You Bring
Required Skills & Experience
- 5+ years in security engineering, penetration testing, or vulnerability assessment
- Hands-on experience with **Azure** and **AWS** security services and configurations
- Strong knowledge of **PCI DSS** compliance requirements and certification process
- Proficiency with VAPT tools (Burp Suite, Nessus, Qualys, Metasploit, etc.)
- Experience with network security: firewalls, VPNs, IDS/IPS, SIEM solutions
- Understanding of SOC2 and GDPR compliance frameworks
- Ability to translate technical findings into executive-level reports
Preferred Qualifications
- Security certifications: OSCP, CEH, CISSP, CISM, or equivalent
- Cloud security certifications: AWS Security Specialty, Azure Security Engineer
- Experience with DevSecOps and CI/CD pipeline security
- Background in incident response and digital forensics
- Familiarity with infrastructure-as-code security scanning
- Experience with AI/ML tools in DevSecOps activities
Compensation & Benefits
- Up to ₹30 Lakhs per annum (based on experience and expertise)
- Employee well-being program to help our team members maintain a happier and healthier work-life
- Professional development and certification support
Ready to secure your future?
Share your resume and the following details.
Expected CTC:
Earliest Joining Date:
Note: This role requires an overlap of working hours with the customer's team in the USA. Often working hours overlap from 8 PM to 1 AM IST, while the remaining hours are flexible.