Job Locations IN-Bengaluru
ID
2026-8071

Overview

Position: Engineer III - DevSecOps
(6 to 10 years of experience in Secure Application Development & Azure
Security Engineering)

 

Job Summary:


We are seeking a highly skilled and experienced Security Development Engineer
(SecDev Engineer – III) to design, develop, and secure enterprise-grade products and
solutions built on Microsoft technologies. This role demands expertise in secure
software development, DevSecOps practices, and cloud security, with a strong focus
on embedding security into the development lifecycle. You will play a critical role in
ensuring secure, scalable, and resilient application development across our
platforms.


Key responsibilities:


• Design, develop, and maintain secure applications across cloud and on-prem
environments.
• Implement secure coding practices and integrate security into the SDLC
(DevSecOps).
• Perform code reviews, vulnerability assessments, and remediation.
• Build and manage secure CI/CD pipelines with integrated security controls.
• Design and implement Azure cloud security controls.
• Implement identity and access management (Azure AD, RBAC).
• Perform threat modelling and risk assessments.
• Improve monitoring and threat detection capabilities.
• Collaborate with DevOps, InfraOps, and Security teams.
• Mentor junior engineers and contribute to documentation.
Technology skills, Competencies and Experience:
Application & Security Engineering:
• .NET / API / web application security experience
• Secure coding practices (OWASP Top 10)
• Experience with SAST, DAST tools
• Strong understanding and Experience in executing a Security Software
Development lifecycle
• Gathering/Identifying Security and Privacy requirements
• Performing Security and Privacy Risk Assessments in support of the
development process
• Providing guidance on controls and mitigations for reported security issues
• Experience protecting sensitive data and vulnerabilities on Cloud resources
• Hands-on experience with web application penetration testing
• Excellent communication – verbal and written
• Leadership qualities including self-accountability, work-prioritization,
meeting facilitation, time management, team co-ordination


Cloud & Microsoft Stack:
• Azure IaaS and PaaS services
• App Services, Functions, Key Vault, Networking,Logic apps


Identity & Access Management:
• Azure AD, RBAC, Conditional Access
• OAuth and OpenID Connect


DevSecOps & Automation:
• Azure DevOps / GitHub Actions / Jenkins
• Infrastructure as Code (Terraform, ARM, Bicep)


Monitoring & Threat Detection:
• Microsoft Defender, Azure Sentinel (preferred)
• Log analysis and alert response


Scripting & Automation:
• PowerShell
• Python / Bash (preferred)


Qualification:
• Bachelor’s degree in Computer Science, Information Technology, or a related
field.


Experience:
• 6 to 10 years of overall IT experience.
• 3–5 years in application security, cloud security, or DevSecOps.
• Experience in enterprise product or solution development preferred.

Nice to have:
• Azure security certifications (AZ-500, SC-200, SC-300)
• Knowledge of threat modeling frameworks (STRIDE, MITRE)
• Experience in API security
• Experience in GenAI related solutioning for security review
• Integrate AI-enabled security tools into CI/CD pipelines to support continuous
security validation



Work location: Wipfli India, Bengaluru

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed