DevSecOps Engineer – Identity & Access Management

This is a fully remote position, open to applicants in India.

📋 Description

• Design and integrate security tools into CI/CD pipelines utilizing GitHub Actions and GCP Cloud Build to facilitate automated code scanning, dependency security, secrets scanning, and policy enforcement.

• Create secure, automated pipelines on the GCP platform, enabling ongoing compliance validation, vulnerability scanning, and policy-as-code deployment for cloud workloads and containerized environments.

• Implement and oversee emerging Microsoft Entra ID security controls, including Conditional Access, Identity Protection, Privileged Identity Management (PIM), Identity Governance, and adaptive MFA policies across enterprise workloads.

• Leverage new Entra technologies such as Entra Agent ID, Entra Workload ID, Identity Governance lifecycle workflows, and Zero-Trust deployments to enhance identity protection, automate governance, and modernize access strategies.

• Continuously assess new features in Microsoft Entra ID and GCP IAM, offering architectural recommendations and integrating relevant capabilities into enterprise DevSecOps workflows.

• Automate identity and security configurations using scripting and Infrastructure as Code (IaC) tools like Terraform, Ansible, and ARM templates, supporting multi-cloud pipelines for Azure and GCP.

• Build and maintain custom security agents and automation workflows to improve identity telemetry, enforce real-time access policies, and standardize cloud security controls across various environments.

• Perform regular reviews of roles, permissions, service principals, workload identities, and application registration security to ensure least-privilege access and alignment with Zero Trust principles.

• Collaborate with engineering teams to conduct secure code reviews, threat modeling, vulnerability assessments, and provide remediation guidance throughout development and deployment phases.

• Create dashboards, reports, and automation for identity compliance, audit readiness, and IAM security posture using tools like Azure Monitor, GCP Looker, Sentinel, and BigQuery.

⛳️ Requirements

• 3–6+ years of experience in DevOps, SecOps, or Cloud Security Engineering roles.

• Strong hands-on expertise with Microsoft Entra ID (AuthN Protocols, Conditional Access, PIM, Identity Protection, Graph API, and automation).

• Lead GCP cloud deployments and construct scalable, secure automation pipelines, using Cloud Build, Cloud Deploy, Artifact Registry, and GCP-native IaC to facilitate continuous delivery, compliance automation, and multi-cloud DevSecOps workflows.

• Experience with Infrastructure as Code (IaC) tools: Terraform, Bicep, or ARM templates.

• Knowledge of container security, Kubernetes, and cloud-native security patterns.

• Strong understanding of Zero Trust principles, IAM, and identity lifecycle management.

• Familiarity with vulnerability management tools and SAST/DAST integrations (42Crunch, CheckmarX, and FOSSA).

• Microsoft Azure certifications (e.g., AZ-500, SC-300, AZ-104, AZ-305) are a strong advantage.

🏝️ Benefits

• Opportunity to work on cutting-edge technology in cloud security.

• Collaborative and inclusive work environment.

• Professional development and growth opportunities.

• Competitive compensation and benefits package.