Job Overview We are seeking an experienced and highly skilled Senior DevSecOps Consultant to join our cybersecurity consulting team in Jaipur Rajasthan The Senior DevSecOps Consultant will be responsible for integrating security practices into the software development lifecycle SDLC designing secure CI CD pipelines automating security testing and advising enterprise clients on secure development and operational practices This role requires deep expertise in DevOps methodologies security automation tools cloud infrastructure security and the ability to work closely with development operations and security teams to embed security throughout the application delivery pipeline The ideal candidate will have proven experience implementing DevSecOps practices for multinational clients and driving security transformation initiatives Key Responsibilities Secure CI CD Pipeline Design Architect design and implement secure CI CD pipelines integrating security checkpoints at every stage including code commit build test deployment and monitoring phases using tools like Jenkins GitLab CI CD Azure DevOps or GitHub Actions Security Automation Automate security testing processes including Static Application Security Testing SAST Energetic Application Security Testing DAST Software Composition Analysis SCA container scanning and Infrastructure as Code IaC security validation throughout the development pipeline Security Tool Integration Integrate and configure security tools such as SonarQube Snyk Checkmarx Veracode OWASP ZAP Aqua Security Trivy HashiCorp Vault and vulnerability management platforms into automated workflows Container and Kubernetes Security Implement security controls for containerized environments including Docker image scanning Kubernetes security policies pod security standards runtime protection secrets management and orchestration security Cloud Security Implementation Design and implement security controls for cloud platforms AWS Azure GCP including IAM policies security groups network segmentation encryption compliance monitoring and cloud-native security services Infrastructure as Code IaC Security Develop and review secure infrastructure code using Terraform CloudFormation or Ansible implement policy-as-code using tools like Open Policy Agent OPA or Checkov and ensure infrastructure compliance Vulnerability Management Establish and manage vulnerability management programs including automated scanning vulnerability prioritization remediation tracking SLA management and integration with ticketing systems Security Code Review Conduct security-focused code reviews identify security anti-patterns provide secure coding guidance to development teams and implement automated code quality and security gates Client Consulting and Advisory Engage directly with enterprise and multinational clients to assess current DevSecOps maturity design security transformation roadmaps provide strategic recommendations and guide implementation of security best practices Compliance and Governance Ensure DevSecOps practices align with regulatory requirements and industry standards including ISO 27001 SOC 2 PCI DSS HIPAA GDPR and implement compliance-as-code frameworks Threat Modeling and Risk Assessment Conduct application threat modeling identify security risks in architecture and design phases perform risk assessments and recommend security controls to mitigate identified threats Security Training and Enablement Develop and deliver training programs for development and operations teams on secure coding practices security tool usage threat awareness and DevSecOps methodologies Incident Response Integration Integrate security monitoring logging and alerting into DevOps workflows implement SIEM integration establish incident response playbooks and support security incident investigations Metrics and Reporting Define and track DevSecOps metrics including mean time to remediate MTTR vulnerability density security test coverage and compliance status and provide regular reporting to stakeholders and clients Qualifications Experience 5-6 years of hands-on experience in DevSecOps application security security engineering or DevOps with proven track record of implementing secure CI CD pipelines and security automation for enterprise clients across multiple industries Certifications Required Certified DevSecOps Professional CDP - Practical DevSecOps AWS Certified Security - Specialty or Azure Security Engineer Associate AZ-500 or Google Cloud Professional Cloud Security Engineer Preferred Certified Kubernetes Security Specialist CKS AWS Certified DevOps Engineer - Professional or Microsoft Certified DevOps Engineer Expert GIAC Cloud Security Automation GCSA Certified Information Systems Security Professional CISSP Certified Ethical Hacker CEH HashiCorp Certified Terraform Associate Docker Certified Associate Technical Skills Strong expertise in CI CD platforms including Jenkins GitLab CI CD GitHub Actions Azure DevOps CircleCI or Travis CI with experience building complex automated pipelines Advanced knowledge of containerization and orchestration using Docker and Kubernetes including security configurations network policies and runtime security Hands-on experience with security testing tools including SAST SonarQube Checkmarx Fortify DAST OWASP ZAP Burp Suite and SCA Snyk WhiteSource Black Duck Proficiency in Infrastructure as Code tools such as Terraform AWS CloudFormation Azure ARM Templates or Pulumi with security best practices Strong scripting and programming skills in Python Bash PowerShell or Go for automation and custom tool development Deep understanding of cloud security for AWS Azure or GCP including IAM KMS security groups VPC configuration and cloud-native security services Experience with secrets management solutions such as HashiCorp Vault AWS Secrets Manager Azure Key Vault or CyberArk Knowledge of container security tools including Aqua Security Twistlock Prisma Cloud Trivy Clair or Anchore for image scanning and runtime protection Expertise in configuration management and automation tools like Ansible Puppet Chef or SaltStack Strong understanding of application security including OWASP Top 10 secure coding practices authentication authorization mechanisms and API security Experience with version control systems Git GitHub GitLab Bitbucket and branching strategies for secure code management Proficiency in monitoring and logging tools such as Prometheus Grafana ELK Stack Splunk or cloud-native monitoring solutions Knowledge of policy-as-code and compliance automation using Open Policy Agent OPA Checkov or Sentinel Understanding of Linux Unix system administration and security hardening practices Education Bachelor s degree in Computer Science Information Security Cybersecurity Information Technology Software Engineering or related technical field or equivalent professional experience with relevant certifications Soft Skills Excellent consulting and advisory skills with ability to assess client environments and provide strategic security recommendations Strong communication skills to articulate complex security concepts to technical and non-technical audiences including developers operations teams and executives Proven leadership abilities to guide cross-functional teams and drive security culture transformation within organizations Analytical and problem-solving mindset to identify security gaps design effective solutions and troubleshoot complex technical challenges Collaborative approach to work effectively with development operations security and business stakeholders Strong project management skills to handle multiple client engagements simultaneously and deliver within timelines Ability to mentor junior team members and conduct effective training sessions Additional Requirements Solid understanding of Agile and DevOps methodologies including CI CD practices continuous monitoring and iterative development Experience working with multinational clients and understanding of global security standards and compliance requirements Knowledge of secure software development lifecycle SSDLC frameworks and methodologies Familiarity with threat modeling methodologies such as STRIDE PASTA or OCTAVE Understanding of microservices architecture API security and serverless security considerations Experience with penetration testing vulnerability assessment or ethical hacking is a plus Commitment to continuous learning and staying current with emerging DevSecOps tools techniques and threat landscape Willingness to travel occasionally to client sites for assessments implementations and workshops Ability to work in fast-paced consulting environment with changing priorities and tight deadlines Resume Information How to Apply To apply for this position email your resume to job2026 thefourthcommand com Subject Line Format FC DEVSECOPS YOUR FULL NAME RESUME Resume Requirements Your resume must include the following information Last Company Details Name of your most recent employer duration of employment in years months job title and comprehensive description of DevSecOps responsibilities and projects delivered DevSecOps Tools and Platforms Detailed list of tools and technologies you have hands-on experience with categorized as CI CD tools Jenkins GitLab CI CD GitHub Actions Azure DevOps etc Security testing tools SAST DAST SCA tools - SonarQube Snyk Checkmarx OWASP ZAP etc Container and orchestration platforms Docker Kubernetes OpenShift etc Container security tools Aqua Trivy Clair Anchore etc Cloud platforms AWS Azure GCP and security services IaC tools Terraform CloudFormation Ansible etc Secrets management Vault AWS Secrets Manager etc Monitoring and logging tools Prometheus Grafana ELK Splunk etc Programming and Scripting Languages Languages you are proficient in Python Bash PowerShell Go Ruby etc with examples of automation scripts or tools developed Client and Project Experience Details of enterprise or multinational clients you have worked with including Industry sectors Banking Healthcare E-commerce Technology etc Type of DevSecOps engagements pipeline security security automation cloud security consulting Project scope and complexity Key achievements and security improvements delivered Pipeline Projects Specific examples of CI CD pipelines you have designed and implemented including Pipeline architecture and tools used Security controls integrated Automation achievements Performance and security outcomes Certifications Complete list of DevSecOps cloud security and DevOps certifications including Certification name Issuing organization Year obtained and validity status Certification ID or badge if applicable Cloud Security Experience Specific cloud platforms you have secured AWS Azure GCP with details of security implementations services configured and compliance achieved Methodologies and Frameworks Familiarity with DevSecOps frameworks SSDLC methodologies compliance standards ISO 27001 SOC 2 PCI DSS HIPAA and threat modeling approaches Educational Background Degree details including specialization institution and year of completion Leadership and Training Experience leading teams conducting training sessions or mentoring team members in DevSecOps practices Passport Size Photograph A recent passport size photograph must be included on your resume mandatory requirement Incomplete applications or resumes missing any of the above requirements will not be considered for evaluation Job Type Full-time Pay 300 000 00 - 800 000 00 per year Work Location In person