Senior/Lead DevSecOps Engineer job opportunity at Capgemini SE.

Home Jobs In Same As Address Tag: Job Senior/Lead DevSecOps Engineer position at Capgemini SE


bot
Capgemini SE Senior/Lead DevSecOps Engineer
Experience: Professional
Pattern: Permanent
Walk In
apply Apply Now
Salary:
Status:

Job

Copy Link Report
degreeOND
Hiring inbound within Manila

Choosing Capgemini means choosing a company where you will be empowered to shape your career in the way you’d like, where you’ll be supported and inspired by a collaborative community of colleagues around the world, and where you’ll be able to reimagine what’s possible. Join us and help the world’s leading organizations unlock the value of technology and build a more sustainable, more inclusive world. Job Description: Senior/Lead DevSecOps Engineer Job Description The Senior/Lead DevSecOps Engineer is a highly skilled technical leader responsible for embedding a 'security-first' culture and ensuring that security is a seamless and automated component of the entire Software Development Life Cycle (SDLC). This role requires a sophisticated blend of security expertise, development background, and operations knowledge to champion and drive the adoption of DevSecOps best practices across all engineering teams. The successful candidate will design and implement robust, scalable, and compliant security controls, with an emphasis on automation and shift-left security, to protect critical applications and infrastructure.The ideal candidate will transform our approach to security, moving it from a gateway function to a foundational element of our rapid development process. Experience in a heavily regulated environment, such as banking, is a significant advantage, demonstrating proficiency in managing strict compliance frameworks, financial data protection, and system resilience. Key Responsibilities: Core Functions and Leadership A. DevSecOps Strategy & ImplementationArchitect and Implement Secure CI/CD Pipelines: Design, build, and maintain automated and secure Continuous Integration/Continuous Delivery (CI/CD) pipelines, integrating state-of-the-art security tools.Infrastructure as Code (IaC) Security: Define security standards for and ensure compliance of all cloud and infrastructure provisioning using IaC tools (e.g., Terraform, CloudFormation). Implement automated security scanning and validation for all IaC templates.Secrets Management: Design, implement, and operate robust solutions for managing, auditing, and rotating application secrets, keys, and credentials (e.g., HashiCorp Vault, AWS/Azure Secrets Manager), minimizing the risk of exposure.Security Automation: Maximize automation for all security tasks, including configuration management, vulnerability scanning, compliance checks, and security patch deployment to enhance efficiency and consistency.B. Security Governance & Compliance (Banking Focus)  Regulatory Compliance: (Banking experience a plus) Ensure all DevSecOps practices and deployed systems comply with stringent industry regulations and standards such as PCI DSS, SOC 2, NIST, GDPR, and internal banking security and risk policies.Threat Modeling & Risk Assessment: Lead threat modeling exercises for new features and systems early in the SDLC ('Shift Left') to proactively identify and mitigate security risks before code is written.Continuous Monitoring: Establish continuous security monitoring, logging, and alerting for applications and infrastructure, integrating security information and event management (SIEM) systems to detect and respond to threats in real-time.C. Collaboration, Mentorship & OwnershipCross-Functional Liaison: Act as the primary liaison between Development, Operations, and Information Security teams to foster a culture of shared security ownership.Secure Coding Advocacy: Mentor and provide training to development teams on secure coding practices, DevSecOps principles, and the effective use of integrated security tooling.Incident Response Support: Partner with the Security Operations Center (SOC) to provide Level 3 expertise during security incidents, focusing on rapid containment, root cause analysis, and automating remediation.Qualifications: Technical Skills and ExperienceThe ideal candidate will possess a strong technical background, proven leadership experience, and specific expertise in the tools and methodologies that drive modern DevSecOps practice. A. Essential Technical Qualifications and Top TechnologiesAreaTechnologies / SkillsElaborationCloud PlatformsAWS, Azure, or GCPDeep expertise in securing large-scale cloud environments, including security groups, IAM/Zero Trust models, and cloud-native security services.CI/CD ToolsJenkins, GitLab CI, Azure DevOps, or ArgoCDExtensive hands-on experience designing and hardening pipelines, with a focus on integrating security gates and quality checks at every stage.Application SecuritySAST, DAST, SCAProficiency in integrating and tuning tools like SonarQube, Checkmarx, Snyk, or Veracode within the CI/CD pipeline to analyze proprietary and open-source code for vulnerabilities.Containerization & OrchestrationDocker, Kubernetes (EKS, AKS, GKE)Expertise in securing container images, registry access, and runtime security for Kubernetes clusters (e.g., using Falco, admission controllers).Scripting & AutomationPython, Go, Groovy, Bash/ShellStrong development and scripting abilities for automating complex security tasks, integrating disparate tools, and creating custom security utilities.Operating SystemsLinux and Windows SecurityDeep understanding of hardening and managing operating system security, patching, and configuration drift.B. Professional Experience and Soft SkillsExperience: 7+ years of progressive experience in DevOps, or Security roles, with at least 3 years dedicated to a Senior/Lead DevSecOps or Application Security focus.Banking/Financial Services (Highly Desirable): experience operating within a heavily regulated financial services environment, managing compliance with PCI DSS or similar audit-heavy standards.Security Frameworks: Expert-level familiarity with security standards and methodologies like OWASP Top 10, MITRE ATT&CK, and NIST Cybersecurity Framework.Certifications (Preferred): Relevant certifications such as Certified DevSecOps Engineer (CDPSE), CISSP, CISM, or advanced cloud security certifications (AWS/Azure/GCP Security Specialty).Leadership and Communication: Proven ability to lead technical initiatives, mentor mid-level engineers, and effectively communicate complex security risks and recommended solutions to both executive leadership and technical teams.Capgemini is a global business and technology transformation partner, helping organizations to accelerate their dual transition to a digital and sustainable world, while creating tangible impact for enterprises and society. It is a responsible and diverse group of 340,000 team members in more than 50 countries. With its strong over 55-year heritage, Capgemini is trusted by its clients to unlock the value of technology to address the entire breadth of their business needs. It delivers end-to-end services and solutions leveraging strengths from strategy and design to engineering, all fueled by its market leading capabilities in AI, generative AI, cloud and data, combined with its deep industry expertise and partner ecosystem.

Other Ai Matches

Packaging Engineer Applicants are expected to have a solid experience in handling Job related tasks
Production Engineer - Pharma Applicants are expected to have a solid experience in handling Job related tasks
Associate C2C Collections Process Expert Applicants are expected to have a solid experience in handling Job related tasks
Director - Energy Networks Applicants are expected to have a solid experience in handling Job related tasks
IVVQ Test Engineer Applicants are expected to have a solid experience in handling Job related tasks
Associate Cybersecurity Analyst Applicants are expected to have a solid experience in handling Job related tasks
Technical Support Engineer (Portuguese Speaking) Applicants are expected to have a solid experience in handling Job related tasks
Service Desk Analyst with French Applicants are expected to have a solid experience in handling Job related tasks
Senior Consultant/Manager (m/w/d) Service Transformation Applicants are expected to have a solid experience in handling Customer Service related tasks
Customer Experience (CX) Transformation Consultant Applicants are expected to have a solid experience in handling Job related tasks
Engagement Manager Applicants are expected to have a solid experience in handling Job related tasks
Senior Digital Design Engineer Applicants are expected to have a solid experience in handling Job related tasks
Genyses Solution Engineer Applicants are expected to have a solid experience in handling Job related tasks
Senior SAP CRM Developer Applicants are expected to have a solid experience in handling Job related tasks
Ingénieur / Ingénieure Exploitation Applicative Applicants are expected to have a solid experience in handling Job related tasks
Solution Architect- SAP & AI Innovations Applicants are expected to have a solid experience in handling Job related tasks
Intellimatch developer Applicants are expected to have a solid experience in handling Job related tasks
Databasspecialist Applicants are expected to have a solid experience in handling Job related tasks
Director - Insurance Applicants are expected to have a solid experience in handling Job related tasks
SOC Analyst L2 Applicants are expected to have a solid experience in handling Job related tasks
Developer SPM ServiceNow Applicants are expected to have a solid experience in handling Job related tasks
Medior .Net Developer Applicants are expected to have a solid experience in handling Job related tasks
Products & Systems Engineer Applicants are expected to have a solid experience in handling Job related tasks