Lead Architect

ROLE & RESPONSIBILITIES:

We are hiring a Senior DevSecOps / Security Engineer with 8+ years of experience securing AWS cloud, on-prem infrastructure, DevOps platforms, MLOps environments, CI/CD pipelines, container orchestration, and data/ML platforms. This role is responsible for creating and maintaining a unified security posture across all systems used by DevOps and MLOps teams — including AWS, Kubernetes, EMR, MWAA, Spark, Docker, GitOps, observability tools, and network infrastructure.

KEY RESPONSIBILITIES:

1.     Cloud Security (AWS)-

• Secure all AWS resources consumed by DevOps/MLOps/Data Science: EC2, EKS, ECS, EMR, MWAA, S3, RDS, Redshift, Lambda, CloudFront, Glue, Athena, Kinesis, Transit Gateway, VPC Peering.
• Implement IAM least privilege, SCPs, KMS, Secrets Manager, SSO & identity governance.
• Configure AWS-native security: WAF, Shield, GuardDuty, Inspector, Macie, CloudTrail, Config, Security Hub.
• Harden VPC architecture, subnets, routing, SG/NACLs, multi-account environments.
• Ensure encryption of data at rest/in transit across all cloud services.

2.     DevOps Security (IaC, CI/CD, Kubernetes, Linux)-

Infrastructure as Code & Automation Security:

• Secure Terraform, CloudFormation, Ansible with policy-as-code (OPA, Checkov, tfsec).
• Enforce misconfiguration scanning and automated remediation.

CI/CD Security:

• Secure Jenkins, GitHub, GitLab pipelines with SAST, DAST, SCA, secrets scanning, image scanning.
• Implement secure build, artifact signing, and deployment workflows.

Containers & Kubernetes:

• Harden Docker images, private registries, runtime policies.
• Enforce EKS security: RBAC, IRSA, PSP/PSS, network policies, runtime monitoring.
• Apply CIS Benchmarks for Kubernetes and Linux.

Monitoring & Reliability:

• Secure observability stack: Grafana, CloudWatch, logging, alerting, anomaly detection.
• Ensure audit logging across cloud/platform layers.

3.     MLOps Security (Airflow, EMR, Spark, Data Platforms, ML Pipelines)-

Pipeline & Workflow Security:

• Secure Airflow/MWAA connections, secrets, DAGs, execution environments.
• Harden EMR, Spark jobs, Glue jobs, IAM roles, S3 buckets, encryption, and access policies.

ML Platform Security:

• Secure Jupyter/JupyterHub environments, containerized ML workspaces, and experiment tracking systems.
• Control model access, artifact protection, model registry security, and ML metadata integrity.

Data Security:

• Secure ETL/ML data flows across S3, Redshift, RDS, Glue, Kinesis.
• Enforce data versioning security, lineage tracking, PII protection, and access governance.

ML Observability:

• Implement drift detection (data drift/model drift), feature monitoring, audit logging.
• Integrate ML monitoring with Grafana/Prometheus/CloudWatch.

4.     Network & Endpoint Security-

• Manage firewall policies, VPN, IDS/IPS, endpoint protection, secure LAN/WAN, Zero Trust principles.
• Conduct vulnerability assessments, penetration test coordination, and network segmentation.
• Secure remote workforce connectivity and internal office networks.

5.     Threat Detection, Incident Response & Compliance-

• Centralize log management (CloudWatch, OpenSearch/ELK, SIEM).
• Build security alerts, automated threat detection, and incident workflows.
• Lead incident containment, forensics, RCA, and remediation.
• Ensure compliance with ISO 27001, SOC 2, GDPR, HIPAA (as applicable).
• Maintain security policies, procedures, RRPs (Runbooks), and audits.

IDEAL CANDIDATE:

• 8+ years in DevSecOps, Cloud Security, Platform Security, or equivalent.
• Proven ability securing AWS cloud ecosystems (IAM, EKS, EMR, MWAA, VPC, WAF, GuardDuty, KMS, Inspector, Macie).
• Strong hands-on experience with Docker, Kubernetes (EKS), CI/CD tools, and Infrastructure-as-Code.
• Experience securing ML platforms, data pipelines, and MLOps systems (Airflow/MWAA, Spark/EMR).
• Strong Linux security (CIS hardening, auditing, intrusion detection).
• Proficiency in Python, Bash, and automation/scripting.
• Excellent knowledge of SIEM, observability, threat detection, monitoring systems.
• Understanding of microservices, API security, serverless security.
• Strong understanding of vulnerability management, penetration testing practices, and remediation plans.

EDUCATION:

• Master’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Relevant certifications (AWS Security Specialty, CISSP, CEH, CKA/CKS) are a plus.

PERKS, BENEFITS AND WORK CULTURE:

• Competitive Salary Package
• Generous Leave Policy
• Flexible Working Hours
• Performance-Based Bonuses
• Health Care Benefits

Overview

adesso India specialises in optimization of core business processes for organizations. Our focus is on providing state-of-the-art solutions that streamline operations and elevate productivity to new heights.

Comprised of a team of industry experts and experienced technology professionals, we ensure that our software development and implementations are reliable, robust, and seamlessly integrated with the latest technologies. By leveraging our extensive knowledge and skills, we empower businesses to achieve their objectives efficiently and effectively.

Job Description

The client’s department DPS, Digital People Solutions, offers a sophisticated portfolio of IT applications, providing a strong foundation for professional and efficient People & Organization (P&O) and Business Management, both globally and locally, for a well-known German company listed on the DAX-40 index, which includes the 40 largest and most liquid companies on the Frankfurt Stock Exchange

We are seeking talented DevOps-Engineers with focus on Elastic Stack (ELK) to join our dynamic DPS team. In this role, you will be responsible for refining and advising on the further development of an existing monitoring solution based on the Elastic Stack (ELK). You will independently handle tasks related to architecture, setup, technical migration, and documentation.

The current application landscape features multiple Java web services running on JEE application servers, primarily hosted on AWS, and integrated with various systems such as SAP, other services, and external partners. DPS is committed to delivering the best digital work experience for the customers employees and customers alike.

Responsibilities:

Install, set up, and automate rollouts using Ansible/CloudFormation for all stages (Dev, QA, Prod) in the AWS Cloud for components such as Elastic Search, Kibana, Metric beats, APM server, APM agents, and interface configuration.

Create and develop regular "Default Dashboards" for visualizing metrics from various sources like Apache Webserver, application servers and databases.

Improve and fix bugs in installation and automation routines.

Monitor CPU usage, security findings, and AWS alerts.

Develop and extend "Default Alerting" for issues like OOM errors, datasource issues, and LDAP errors.

Monitor storage space and create concepts for expanding the Elastic landscape in AWS Cloud and Elastic Cloud Enterprise (ECE).

Implement machine learning, uptime monitoring including SLA, JIRA integration, security analysis, anomaly detection, and other useful ELK Stack features.

Integrate data from AWS CloudWatch.

Document all relevant information and train involved personnel in the used technologies.

Requirements:

Experience with Elastic Stack (ELK) components and related technologies.

Proficiency in automation tools like Ansible and CloudFormation.

Strong knowledge of AWS Cloud services.

Experience in creating and managing dashboards and alerts.

Familiarity with IAM roles and rights management.

Ability to document processes and train team members.

Excellent problem-solving skills and attention to detail.

Skills & Requirements

Elastic Stack (ELK), Elasticsearch, Kibana, Logstash, Beats, APM, Ansible, CloudFormation, AWS Cloud, AWS CloudWatch, IAM roles, AWS security, Automation, Monitoring, Dashboard creation, Alerting, Anomaly detection, Machine learning integration, Uptime monitoring, JIRA integration, Apache Webserver, JEE application servers, SAP integration, Database monitoring, Troubleshooting, Performance optimization, Documentation, Training, Problem-solving, Security analysis.

• 2+ years work experience in a DevOps or similar role
• Knowledge of OO programming and concepts (Java, C++, C#, Python)
• A drive towards automating repetitive tasks (e.g., scripting via Bash, Python, etc)
• Fluency in one or more scripting languages such as Python or Ruby.
• Familiarity with Microservice-based architectures
• Practical experience with Docker containerization and clustering (Kubernetes/ECS)
• In-depth, hands-on experience with Linux, networking, server, and cloud architectures.
• Experience with CI/CD tools Azure DevOps, AWS cloud formation, Lamda functions, Jenkins, and Ansible
• Experience with AWS, Azure, or another cloud PaaS provider.
• Solid understanding of configuration, deployment, management, and maintenance of large cloud-hosted systems; including auto-scaling, monitoring, performance tuning, troubleshooting, and disaster recovery
• Proficiency with source control, continuous integration, and testing pipelines
  
• Effective communication skills

• Deploy and maintain critical applications on cloud-native microservices architecture.
• Implement automation, effective monitoring, and infrastructure-as-code.
• Deploy and maintain CI/CD pipelines across multiple environments.
• Streamline the software development lifecycle by identifying pain points and productivity barriers and determining ways to resolve them.
• Analyze how customers are using the platform and help drive continuous improvement.
• Support and work alongside a cross-functional engineering team on the latest technologies.
• Iterate on best practices to increase the quality & velocity of deployments.
• Sustain and improve the process of knowledge sharing throughout the engineering team
• Identification and prioritization of technical debt that risks instability or creates wasteful operational toil.
• Own daily operational goals with the team.

Responsibilities:

• Writing and maintaining the automation for deployments across various cloud (AWS/Azure/GCP)
• Bring a passion to stay on top of DevOps trends, experiment, and learn new CI/CD technologies.
• Creating the Architecture Diagrams and documentation for various pieces
• Build tools and automation to improve the system's observability, availability, reliability, performance/latency, monitoring, emergency response

Requirements:

• 3 - 5 years of professional experience as a DevOps / System Engineer.
• Strong knowledge in Systems Administration & troubleshooting skills with Linux.
• Experience with CI/CD best practices and tooling, preferably Jenkins, Circle CI.
• Hands-on experience with Cloud platforms such as AWS/Azure/GCP or private cloud environments.
• Experience and understanding of modern container orchestration, Well-versed with the containerised applications (Docker, Docker-compose, Docker-swarm, Kubernetes).
• Experience in Infrastructure as code development using Terraform.
• Basic Networking knowledge VLAN, Subnet, VPC, Webserver like Nginx, Apache.
• Experience in handling different SQL and NoSQL databases (PostgreSQL, MySQL, Mongo).
• Experience with GIT Version Control Software.
• Proficiency in any programming or scripting language such as Shell Script, Python, Golang.
• Strong interpersonal and communication skills; ability to work in a team environment.

• AWS / Kubernetes Certifications: AWS Certified Solutions Architect / CKA.
• Setup and management of a Kubernetes cluster, including writing Docker files.
• Experience working in and advocating for agile environments.
• Knowledge in Microservice architecture.

Requirements and Qualifications

• Bachelor’s degree in Computer Science Engineering or in a related field
• 4+ years of experience
• Excellent analytical and problem-solving skills
• Strong knowledge of Linux systems and internals
• Programming experience in Python/Shell scripting
• Strong AWS skills with knowledge of EC2, VPC, S3, RDS, Cloudfront, Route53, etc
• Experience in containerization (Docker) and container orchestration (Kubernetes)
• Experience in DevOps & CI/CD tools such as Git, Jenkins, Terraform, Helm
• Experience with SQL & NoSQL databases such as MySql, MongoDB, and ElasticSearch
• Debugging and troubleshooting skills using tools such as strace, tcpdump, etc
• Good understanding of networking protocol and security concerns (VPN, VPC, IG, NAT, AZ, Subnet)
• Experience with monitoring and data analysis tools such as Prometheus, EFK, etc
• Good communication & collaboration skills and attention to details
• Participation in rotating on-call duties

Total Experience: 6 – 12 Years

Required Skills and Experience 

• 3+ years of relevant experience with DevOps tools Jenkins, Ansible, Chef etc
• 3+ years of experience in continuous integration/deployment and software tools development experience with Python and shell scripts etc
• Building and running Docker images and deployment on Amazon ECS
• Working with AWS services (EC2, S3, ELB, VPC, RDS, Cloudwatch, ECS, ECR, EKS)
• Knowledge and experience working with container technologies such as Docker and Amazon ECS, EKS, Kubernetes
• Experience with source code and configuration management tools such as Git, Bitbucket, and Maven
• Ability to work with and support Linux environments (Ubuntu, Amazon Linux, CentOS)
• Knowledge and experience in cloud orchestration tools such as AWS Cloudformation/Terraform etc
• Experience with implementing "infrastructure as code", “pipeline as code” and "security as code" to enable continuous integration and delivery
• Understanding of IAM, RBAC, NACLs, and KMS
• Good communication skills

Good to have:

• Strong understanding of security concepts, methodologies and apply them such as SSH, public key encryption, access credentials, certificates etc.
• Knowledge of database administration such as MongoDB.
• Knowledge of maintaining and using tools such as Jira, Bitbucket, Confluence.

Responsibilities

• Work with Leads and Architects in designing and implementation of technical infrastructure, platform, and tools to support modern best practices and facilitate the efficiency of our development teams through automation, CI/CD pipelines, and ease of access and performance.
• Establish and promote DevOps thinking, guidelines, best practices, and standards.
• Contribute to architectural discussions, Agile software development process improvement, and DevOps best practices.