Collaborate with development, security, and operations teams to integrate security best practices into the end-to-end Software Development Lifecycle (SDLC).
Implement and manage CI/CD (Jenkins, AWS DevOps) pipelines with integrated security controls, leveraging tools such as Octopus Deploy for automated, repeatable, and controlled application deployments across environments.
Automate security checks within CI/CD pipelines, including SAST, SCA, DAST, IaC scanning, and policy enforcement, in alignment with DevSecOps principles.
Develop, maintain, and optimize automated security testing, validation, and monitoring processes to identify vulnerabilities, perform code and configuration analysis, and ensure regulatory compliance.
Enforce security policies, standards, and procedures across applications, pipelines, and cloud environments, ensuring alignment with industry best practices and compliance requirements.
Continuously assess and enhance DevSecOps, deployment, and CloudOps processes, tools, and methodologies to improve security posture, operational resilience, and deployment reliability.
Foster strong collaboration between cross-functional teams (development, operations, security, CloudOps) by effectively communicating security requirements, deployment standards, and operational best practices.
Implement and operate monitoring and alerting solutions to detect security threats, deployment failures, and infrastructure anomalies, and generate operational and security reports.
Perform continuous monitoring of CI/CD pipelines, applications, servers, containers, and cloud resources to ensure availability, performance, and security compliance.
Provide Level 1 / Level 2 support for build failures, deployment issues (including Octopus Deploy release failures), and infrastructure or cloud-related alerts.
Create, maintain, and follow Standard Operating Procedures (SOPs), deployment runbooks, and CloudOps operational playbooks.
Open incident tickets, perform initial triage, and escalate issues to the appropriate engineering, security, or CloudOps teams as per defined escalation procedures.
Perform post-deployment validation checks, including smoke tests, rollback verification, and environment health validation using CI/CD and deployment tooling.
Verify service uptime, application health checks, monitoring dashboards, and log patterns to proactively identify potential issues.
Manage operational access tasks, including user access requests, secrets/token renewals, credential rotations, and password resets in CI/CD and cloud platforms.
Collect and analyze logs, metrics, and deployment artifacts to support higher-level debugging, RCA (Root Cause Analysis), and incident resolution.
Execute routine operational and CloudOps maintenance activities under supervision, including patching, certificate renewals, pipeline housekeeping, and deployment environment upkeep.
