Sr. Devops Engineer

ROLE & RESPONSIBILITIES:

We are hiring a Senior DevSecOps / Security Engineer with 8+ years of experience securing AWS cloud, on-prem infrastructure, DevOps platforms, MLOps environments, CI/CD pipelines, container orchestration, and data/ML platforms. This role is responsible for creating and maintaining a unified security posture across all systems used by DevOps and MLOps teams — including AWS, Kubernetes, EMR, MWAA, Spark, Docker, GitOps, observability tools, and network infrastructure.

KEY RESPONSIBILITIES:

1.     Cloud Security (AWS)-

• Secure all AWS resources consumed by DevOps/MLOps/Data Science: EC2, EKS, ECS, EMR, MWAA, S3, RDS, Redshift, Lambda, CloudFront, Glue, Athena, Kinesis, Transit Gateway, VPC Peering.
• Implement IAM least privilege, SCPs, KMS, Secrets Manager, SSO & identity governance.
• Configure AWS-native security: WAF, Shield, GuardDuty, Inspector, Macie, CloudTrail, Config, Security Hub.
• Harden VPC architecture, subnets, routing, SG/NACLs, multi-account environments.
• Ensure encryption of data at rest/in transit across all cloud services.

2.     DevOps Security (IaC, CI/CD, Kubernetes, Linux)-

Infrastructure as Code & Automation Security:

• Secure Terraform, CloudFormation, Ansible with policy-as-code (OPA, Checkov, tfsec).
• Enforce misconfiguration scanning and automated remediation.

CI/CD Security:

• Secure Jenkins, GitHub, GitLab pipelines with SAST, DAST, SCA, secrets scanning, image scanning.
• Implement secure build, artifact signing, and deployment workflows.

Containers & Kubernetes:

• Harden Docker images, private registries, runtime policies.
• Enforce EKS security: RBAC, IRSA, PSP/PSS, network policies, runtime monitoring.
• Apply CIS Benchmarks for Kubernetes and Linux.

Monitoring & Reliability:

• Secure observability stack: Grafana, CloudWatch, logging, alerting, anomaly detection.
• Ensure audit logging across cloud/platform layers.

3.     MLOps Security (Airflow, EMR, Spark, Data Platforms, ML Pipelines)-

Pipeline & Workflow Security:

• Secure Airflow/MWAA connections, secrets, DAGs, execution environments.
• Harden EMR, Spark jobs, Glue jobs, IAM roles, S3 buckets, encryption, and access policies.

ML Platform Security:

• Secure Jupyter/JupyterHub environments, containerized ML workspaces, and experiment tracking systems.
• Control model access, artifact protection, model registry security, and ML metadata integrity.

Data Security:

• Secure ETL/ML data flows across S3, Redshift, RDS, Glue, Kinesis.
• Enforce data versioning security, lineage tracking, PII protection, and access governance.

ML Observability:

• Implement drift detection (data drift/model drift), feature monitoring, audit logging.
• Integrate ML monitoring with Grafana/Prometheus/CloudWatch.

4.     Network & Endpoint Security-

• Manage firewall policies, VPN, IDS/IPS, endpoint protection, secure LAN/WAN, Zero Trust principles.
• Conduct vulnerability assessments, penetration test coordination, and network segmentation.
• Secure remote workforce connectivity and internal office networks.

5.     Threat Detection, Incident Response & Compliance-

• Centralize log management (CloudWatch, OpenSearch/ELK, SIEM).
• Build security alerts, automated threat detection, and incident workflows.
• Lead incident containment, forensics, RCA, and remediation.
• Ensure compliance with ISO 27001, SOC 2, GDPR, HIPAA (as applicable).
• Maintain security policies, procedures, RRPs (Runbooks), and audits.

IDEAL CANDIDATE:

• 8+ years in DevSecOps, Cloud Security, Platform Security, or equivalent.
• Proven ability securing AWS cloud ecosystems (IAM, EKS, EMR, MWAA, VPC, WAF, GuardDuty, KMS, Inspector, Macie).
• Strong hands-on experience with Docker, Kubernetes (EKS), CI/CD tools, and Infrastructure-as-Code.
• Experience securing ML platforms, data pipelines, and MLOps systems (Airflow/MWAA, Spark/EMR).
• Strong Linux security (CIS hardening, auditing, intrusion detection).
• Proficiency in Python, Bash, and automation/scripting.
• Excellent knowledge of SIEM, observability, threat detection, monitoring systems.
• Understanding of microservices, API security, serverless security.
• Strong understanding of vulnerability management, penetration testing practices, and remediation plans.

EDUCATION:

• Master’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Relevant certifications (AWS Security Specialty, CISSP, CEH, CKA/CKS) are a plus.

PERKS, BENEFITS AND WORK CULTURE:

• Competitive Salary Package
• Generous Leave Policy
• Flexible Working Hours
• Performance-Based Bonuses
• Health Care Benefits

Roles & Responsibilities:

• Bachelor’s degree in Computer Science, Information Technology or a related field

• Experience in designing and maintaining high volume and scalable micro-services architecture on cloud infrastructure

• Knowledge in Linux/Unix Administration and Python/Shell Scripting

• Experience working with cloud platforms like AWS (EC2, ELB, S3, Auto-scaling, VPC, Lambda), GCP, Azure

• Knowledge in deployment automation, Continuous Integration and Continuous Deployment (Jenkins, Maven, Puppet, Chef, GitLab) and monitoring tools like Zabbix, Cloud Watch Monitoring, Nagios Knowledge of Java Virtual Machines, Apache Tomcat, Nginx, Apache Kafka, Microservices architecture, Caching mechanisms

• Experience in enterprise application development, maintenance and operations

• Knowledge of best practices and IT operations in an always-up, always-available service

• Excellent written and oral communication skills, judgment and decision-making skills

The candidates should have:

·  Strong knowledge on Windows and Linux OS

·   Experience working in Version Control Systems like git

·  Hands-on experience in tools Docker, SonarQube, Ansible, Kubernetes, ELK.

·  Basic understanding of SQL commands

·  Experience working on Azure Cloud DevOps

• Essentail Skills:
• Docker
• Jenkins
• Python dependency management using conda and pip

• Base Linux System Commands, Scripting
• Docker Container Build & Testing
• Common knowledge of minimizing container size and layers
• Inspecting containers for un-used / underutilized systems
• Multiple Linux OS support for virtual system

• Has experience as a user of jupyter / jupyter lab to test and fix usability issues in workbenches
• Templating out various configurations for different use cases (we use Python Jinja2 but are open to other languages / libraries)
• Jenkins PIpeline
• Github API Understanding to trigger builds, tags, releases
• Artifactory Experience
• Nice to have: Kubernetes, ArgoCD, other deployment automation tool sets (DevOps)

Position: DevOps Engineer

Job Description

The candidate should have the following Skills:

- Hands-on experience with DevOps & CICD open source tools (Jenkins, ), including AWS DevOps services (CodePipeline, CloudFormation, etc).

- Experience in building and deploying using Java/Python/Node.js on Cloud infrastructure (Docker or Kubernetes containers or Lambda.)

- Exposure to Cloud operations, releases, and configuration management

- Experience in implementing Non-functional requirements for microservices, including performance, security, compliance, HA and Disaster Recovery.

- Good soft skills, great attitude, and passion for working in a product startup environment

Total Experience of 2-5 years post BE or BTech or MCA in Computer Science Engineering.

• Have 3+ years of experience in Python development
• Be familiar with common database access patterns
• Have experience with designing systems and monitoring metrics, looking at graphs.
• Have knowledge of AWS, Kubernetes and Docker.
• Be able to work well in a remote development environment.
• Be able to communicate in English at a native speaking and writing level.
• Be responsible to your fellow remote team members.
• Be highly communicative and go out of your way to contribute to the team and help others

As DevOps Engineer, you are responsible to setup and maintain GIT repository, DevOps tools like Jenkins, UCD, Docker, Kubernetes, Jfrog Artifactory, Cloud monitoring tools, Cloud security.

• Setup, configure, and maintain GIT repos, Jenkins, UCD, etc. for multi hosting cloud environments.
• Architect and maintain the server infrastructure in AWS. Build highly resilient infrastructure following industry best practices.
• Working on Docker images and maintaining Kubernetes clusters.
• Develop and maintain the automation scripts using Ansible or other available tools.
• Maintain and monitor cloud Kubernetes Clusters and patching when necessary.
• Working on Cloud security tools to keep applications secured.
• Participate in software development lifecycle, specifically infra design, execution, and debugging required to achieve successful implementation of integrated solutions within the portfolio.
• Required Technical and Professional Expertise.

• Minimum 4-6 years of experience in IT industry.
• Expertise in implementing and managing Devops CI/CD pipeline.
• Experience in DevOps automation tools. And Very well versed with DevOps Frameworks, Agile.
• Working knowledge of scripting using shell, Python, Terraform, Ansible or puppet or chef.
• Experience and good understanding in any of Cloud like AWS, Azure, Google cloud.
• Knowledge of Docker and Kubernetes is required.
• Proficient in troubleshooting skills with proven abilities in resolving complex technical issues.
• Experience with working with ticketing tools.
• Middleware technologies knowledge or database knowledge is desirable.
• Experience and well versed with Jira tool is a plus.

A wholesome opportunity in a fast-paced environment will enable you to juggle between concepts yet maintain the quality of content, interact, share your ideas, and have loads of learning while at work. Work with a team of highly talented young professionals and enjoy the benefits of being at Xoxoday.

A fast-growing SaaS commerce company based in Bangalore with offices in Delhi, Mumbai, SF, Dubai, Singapore, and Dublin. We have three products in our portfolio: Plum, Empuls, and Compass. Xoxoday works with over 1000 global clients. We help our clients engage and motivate their employees, sales teams, channel partners, or consumers for better business results.

We look forward to connecting with you. As you may take time to review this opportunity, we will wait for a reasonable time of around 3-5 days before we screen the collected applications and start lining up job discussions with the hiring manager. However, we assure you that we will attempt to maintain a reasonable time window for successfully closing this requirement. The candidates will be kept informed and updated on the feedback and application status.