Browse
···
Log in / Register
Job Summary: SCCON Geospatial is seeking a SecDevOps Engineer to lead the integration of security into development pipelines and containers, strengthening cloud operations and automation. Key Highlights: 1. Lead the integration of security into development pipelines and containers 2. Focus on CI/CD, SAST/DAST, IaC Security, and Container Security 3. Promote the shift-left security concept across all workflows SCCON Geospatial is expanding our DevSecOps culture and seeks a SecDevOps Engineer to lead the integration of security into development pipelines and containers, strengthening our cloud and automation operations. Mission Ensure that the entire development, build, and deployment lifecycle in OCI is secure and automated, with security embedded in code, pipelines, and infrastructure. The SecDevOps Engineer will focus on CI/CD, SAST/DAST, IaC Security, Container Security, and Compliance Automation, promoting the shift\-left security concept across all development workflows. **Key Responsibilities:** Design and implement CI/CD pipelines (GitLab / Jenkins / BitBucket) with automated security checks. Integrate SAST/DAST tools (SonarQube, OWASP ZAP, Trivy, Checkov) directly into the pipeline. Implement IaC Security and Container Hardening policies (Terraform, tfsec, OKE). Automate secure verifications and deployments in OCI environments (Compute, OKE, Registry, LB). Integrate Cloudflare Zero Trust / WAF / Gateway into delivery automation and monitoring. Create security audit and metrics pipelines (Grafana / Power BI). Support development squads in secure coding practices and pipeline gating. Contribute to the DevSecOps roadmap (Foundational \- Operational \- Strategic). **Requirements:** **Technical Requirements:** Experience with CI/CD pipelines (GitLab, Jenkins, GitHub Actions). Proficiency in SAST, DAST, IaC, and Container Security tools (SonarQube, ZAP, tfsec, Trivy, Checkov, Clair). Experience with AWS, Google Cloud, or OCI (OKE, Registry, Load Balancer, Object Storage). Knowledge of Terraform / Ansible / Kubernetes / Docker. Automation using Python / Bash / APIs (OCI, Cloudflare, Google). Practical knowledge of OWASP, NIST, CIS Controls, and secure SDLC. **Preferred Qualifications:** OCI Security Associate / Cloudflare Zero Trust / Kubernetes Administrator (CKA) certifications. Experience automating compliance pipelines. Hands-on experience with monitoring (Grafana, Prometheus). Participation in DevSecOps / Cloud Security Maturity programs. Advanced English proficiency **Frameworks and References:** OWASP SAMM \| NIST CSF \| CIS Controls v8 \| ISO 27001 \| LGPD
