Overview
Keysight is at the forefront of technology innovation, delivering breakthroughs and trusted insights in electronic design, simulation, prototyping, test, manufacturing, and optimization. Our 15,000 employees create world-class solutions in communications, 5G, automotive, energy, quantum, aerospace, defense, and semiconductor markets for customers in over 100 countries. Learn more about what we do.
Our award-winning culture embraces a bold vision of where technology can take us and a passion for tackling challenging problems with industry-first solutions. We believe that when people feel a sense of belonging, they can be more creative, innovative, and thrive at all points in their careers.
As a DevSecOps Engineer, you will design, implement, and maintain secure, automated infrastructure pipelines for enterprise software delivery. This role combines expertise in
infrastructure-as-code,
containerization, and
security compliance to ensure robust, scalable, and compliant deployments across hybrid environments.
Responsibilities
- Infrastructure Automation
- Develop and maintain Packer templates for creating hardened VM and container images, ensuring compliance with internal security standards.
- Collaborate with IT and product teams to streamline image pre-configuration for on-prem and cloud deployments.
- Containerization & Orchestration
- Build and manage multi-container environments using Docker Compose, Podman, and Kubernetes for application deployment.
- Evaluate and implement alternatives for container orchestration in secure or air-gapped environments.
- Create and maintain VMs both manually and via (CI/CD) provisioning.
- Security Integration
- Perform Black Duck scans and vulnerability assessments on source code, dependencies, and container images to meet SSDF and compliance requirements.
- Address identified security issues by upgrading components and mitigating risks in CI/CD pipelines.
- Collaborate with product security teams to enforce best practices for open-source compliance and license management.
- Continuous Improvement
- Integrate security scanning tools (e.g., Black Duck Detect, VMT) into Jenkins and other CI/CD platforms.
- Monitor and optimize performance of security tools and container platforms, ensuring minimal downtime during maintenance windows.
- Documentation
- Create instructions for both internal teams and customers to deploy, maintain, and upgrade images.
- Include documentation in the CI/CD pipeline.
Qualifications
- Strong experience with Packer, Docker, Docker Compose, and container orchestration tools (Kubernetes, Podman).
- Experience programming with Python, bash, etc.
- Proficiency in CI/CD pipelines and automation frameworks (Jenkins, GitLab CI).
- Hands-on experience with security scanning tools (Black Duck, SCA solutions) and remediation workflows.
- Knowledge of Linux administration and secure image creation for Debian/RHEL/Alpine environments.
- Familiarity with compliance frameworks (SSDF, legal open-source reviews).
- Strong collaboration skills to work with cross-functional teams (IT, Product Security, R&D).
Preferred Qualifications
- Experience deploying solutions in air-gapped or high-security environments.
- Understanding of cloud-native security practices and container runtime hardening.
- Full stack development experience.
Note:Any use of AI assistance during interviews will result in immediate disqualification for this position.
Careers Privacy Statement***Keysight is an Equal Opportunity Employer.***
