Tulips Technologies
Software Companies

We are a software development company with main partner from Sweden, Websearch Professionals (http://websearchpro.net), who belongs to the renowned Thinc group (http://thinccollective.se).

Our expertise lies in high-end web development, mobile apps, and web applications. Our dedicated team of talented and passionate individuals are committed to ensuring that our customers' needs are always top priority. With their love for a good challenge, we have achieved great success in our field.

We are a software development company with main partner from Sweden, Websearch Professionals (http://websearchpro.net), who belongs to the renowned Thinc group (http://thinccollective.se).

Lead Cybersecurity & DevSecOps Engineer

Views: 1071 | This job is expired 6 months ago

Basic Job Information

Job Category	:	IT & Telecommunication > Programmer/ Software Engineer
Job Level	:	Senior Level
No. of Vacancy/s	:	[ 1 ]
Employment Type	:	Full Time
Job Location	:	Bhimsengola, New Baneshwor -31
Offered Salary	:	Not Disclosed
Apply Before(Deadline)	:	Apr. 22, 2025 23:55 (6 months ago)

Job Specification

Education Level	:	Under Graduate (Bachelor)
Experience Required	:	More than or equal to 5 years
Professional Skill Required	:	Cyber Security Devsecops

Other Specification

Required Skills & Qualifications

Minimum Bachelor’s Degree in IT or Higher, Computer Science, Cybersecurity, or a related field.
5+ years of experience in Cybersecurity, DevSecOps, or Application Security.
Strong coding & development experience (.NET, or PHP).
Deep expertise in AWS & Azure security (IAM, encryption, WAF, CloudTrail, Defender).
Hands-on experience with Git security, CI/CD automation, and container security.
Excellent leadership, communication, and team management skills.
Strong knowledge of ISO 27001, NIST, GDPR, and other compliance frameworks.

Preferred Certifications (Optional but a Plus!)

CISSP (Certified Information Systems Security Professional) – Advanced security knowledge.
OSCP (Offensive Security Certified Professional) – Penetration testing expertise.

Job Description

Key Responsibilities

Leadership & Security Strategy

Lead and manage the security team, ensuring best practices are followed.
Develop and enforce security policies, DevSecOps strategy, and risk management plans.
Collaborate with development teams to integrate security into the SDLC (Shift-Left Security).
Conduct security awareness training for developers and IT staff.

Secure Software Development & OWASP Compliance

Perform OWASP Top 10 security audits and implement fixes.
Guide developers in writing secure, scalable, and robust applications.
Implement SAST (Static Code Analysis) & DAST (Dynamic Security Testing).
Ensure secure authentication (OAuth2, MFA, JWT, Zero Trust Architecture).

DevSecOps, Git Security & CI/CD Pipelines

Implement Git security best practices (signed commits, secret scanning, access control).
Automate security testing in CI/CD (GitHub Actions, Jenkins, GitLab CI).
Secure Docker containers, Kubernetes clusters, and serverless deployments.
Monitor logs, security alerts, and incident response plans.

Cloud & Server Security (AWS & Azure)

Secure AWS IAM roles, S3, EC2, RDS, Lambda and Azure resources.
Configure firewalls, WAFs, VPNs, IDS/IPS for network security.
Monitor and respond to cloud security threats & vulnerabilities.
Ensure compliance with ISO 27001, GDPR, and CIS security benchmarks.

VAPT & Security Testing

Conduct penetration testing (VAPT) for web apps, APIs, and infrastructure.
Use Burp Suite, OWASP ZAP, Nessus, Acunetix for security testing.
Identify and fix zero-day vulnerabilities & security misconfigurations.
Implement endpoint security, logging, and SIEM solutions.

This job has expired.

Similar Jobs