Avnet logo

DevSecOps Engineer III

Avnet
2 days ago
Full-time
Remote
India
Automation

Farnell

Farnell, an Avnet company, is a global high-service distributor of technology products, services and solutions for electronic system design, maintenance and repair.

Job Description Summary :

We are seeking a highly autonomous and hands-on DevSecOps / Application Security Engineer to champion security integration across our global application ecosystem. This role sits at the intersection of application security, software engineering, and cloud automation.

You will be responsible for assisting in the design, implementation, and scaling of security controls throughout the Software Development Lifecycle (SDLC), primarily focusing on securing Azure-native services and driving cultural change toward secure-by-default practices among global development and architecture teams.

Principal Responsibilities:

·         Pipeline Security Automation: Design, implement, and centrally manage advanced security tooling (SAST, DAST, SCA, Secrets Management) directly within high-volume GitHub Actions and GitLab CI/CD pipelines.

·         Azure Cloud Security Engineering: Engineer and enforce security controls for our Azure-native services (e.g., AKS, Azure Functions, App Services), with a strong emphasis on Managed Identities, Azure Policy, Defender for Cloud, and securing the networking perimeter (e.g., App Gateway WAF).

·         Secure Design & Governance: Lead threat modeling sessions and security design reviews for net-new, large-scale applications. Design and operationalize security guardrails aligned with enterprise standards (OWASP API Security, NIST, PCI-DSS).

·         Vulnerability Remediation & Coaching: Drive the end-to-end vulnerability lifecycle, from discovery (e.g., coordinating with Red Teams/Bug Bounty) to defining clear, actionable security-focused remediation guidance for development teams.

·         IaC Security: Embed security checks and best practices into our Infrastructure-as-Code workflows, primarily using Terraform or Bicep.

·         Identity & Access Management: Define and implement robust access controls and key management strategies utilizing Azure Key Vault and cloud-native identity solutions.

·         Other duties as assigned​

Distinguishing Characteristics:

·         Cloud Depth: Hands-on experience securing production workloads in the Microsoft Azure ecosystem. Deep familiarity with key services like AKS, Azure Functions, App Services, and Azure Firewall/WAF.

·         CI/CD Mastery: Demonstrated expertise automating security controls (scanning, gating, posture checks) within GitHub Actions and/or GitLab CI/CD.

·         Security Knowledge: Strong, actionable knowledge of the OWASP Top 10/API Security and aligning practices to standards like NIST 800-53.

·         Automation: Proficiency in Python, PowerShell, or Bash for creating security automation, custom checks, and tool integration.

·         Tooling: Working experience with modern enterprise security tools (e.g., Snyk, Checkmarx, Prisma Cloud, GitHub Advanced Security, or ASPM platforms).

·         Container Security: Practical experience with container runtime security and posture management (e.g., Defender for Containers, Falco).

Work Experience:

·         Typically, 5+ years with bachelor's or equivalent.

Education and Certification(s):

·         Bachelor's degree or equivalent experience from which comparable knowledge and job skills can be obtained.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills.