DevSecOps Engineer
On-site
Full Time
#Engineering
#DevSecOps
#Cloud Platforms
#Infrastructure as Code
#Security Tools
#Security
#Automation
#Compliance
#Threat Modeling
#Architecture
Orkes provides a platform designed for developers to create durable, distributed, and event-driven applications. Built upon the widely used open-source orchestration engine known as Conductor, our technology enables teams to accelerate their time to market by scaling to billions of workflows without the burden of managing failures or visibility challenges. We are currently seeking our first DevSecOps Engineer to join our engineering team in Bangalore. This is an on-site, full-time role where you will have the unique opportunity to shape our security standards and influence our engineering culture from the ground up.
Key outcomes
- Integrate automated security testing and monitoring tools directly into our CI/CD pipelines to ensure secure and rapid software releases.
- Audit, harden, and monitor cloud infrastructure across major providers, focusing on IAM roles, encryption, and network segmentation.
- Manage vulnerability lifecycles by scanning repositories and dependencies, prioritizing remediation efforts, and coordinating with developers to ensure timely fixes.
- Develop and maintain automation scripts to streamline security tasks, including compliance reporting and incident response.
- Secure containerized environments by enforcing best practices for Docker and Kubernetes, including runtime monitoring and image scanning.
- Monitor security logs and alerts using tools like the ELK Stack or Splunk to detect, investigate, and respond to potential threats.
- Maintain compliance with industry standards such as SOC 2, GDPR, and ISO 27001 while documenting security controls.
- Foster a security-first mindset across the organization through developer training, cross-functional collaboration, and effective communication with leadership.
Requirements
- At least 7 years of professional experience in a DevSecOps, DevOps, or security engineering role within a software development environment.
- Strong proficiency in cloud security best practices across major providers like AWS, Azure, or GCP.
- Hands-on experience with Infrastructure as Code tools, such as Terraform, CloudFormation, or Ansible.
- Familiarity with programming languages including Java, Golang, or C++.
- Deep knowledge of security tooling, including vulnerability scanners like OWASP ZAP or Nessus and testing tools like SonarQube.
- Proven ability to secure containerized applications and orchestration platforms like Kubernetes.
- Strong scripting skills in Python or Bash to automate security processes.
- Experience with version control systems and CI/CD pipelines, such as Jenkins, GitLab CI, or CircleCI.
- Solid understanding of security frameworks and risk management principles, such as OWASP and NIST.
- Excellent communication skills with the ability to influence technical and non-technical stakeholders.
Preferred qualifications
- Industry-recognized certifications such as CISSP, CEH, AWS Certified Security, or Certified DevSecOps Professional.
- Prior experience working in a fast-paced, agile startup environment where you have taken ownership of security processes.
- Experience with threat modeling and risk assessment techniques.
- Practical knowledge of implementing Zero Trust architecture principles.
How to apply
If you are a proactive, detail-oriented professional who thrives in a collaborative environment, we would love to hear from you. Please reach out to our team to express your interest and begin the conversation about how you can help us build a more secure future at Orkes.







