We are looking for a DevSecOps Engineer to help us build secure, reliable, and scalable software delivery processes by integrating security into every stage of the development lifecycle.
In this role, you will work closely with Development, DevOps, and Security teams to automate security controls, strengthen infrastructure, and ensure our products are delivered securely without compromising development speed.
Responsibilities
Design, implement, and maintain secure CI/CD pipelines.
Integrate security tools such as SAST, DAST, SCA, Secret Scanning, Container Security, and IaC Security into development workflows.
Automate infrastructure provisioning and security using Infrastructure as Code (IaC).
Harden Linux systems, containers, Kubernetes clusters, and cloud/on-premise environments.
Monitor vulnerabilities, security events, and logs to identify and mitigate risks.
Collaborate with Development, DevOps, Infrastructure, and Security teams to improve security practices.
Define, implement, and enforce security policies, standards, and best practices.
Participate in security incident response, root cause analysis, and remediation activities.
Continuously improve DevSecOps processes and promote a security-first culture across engineering teams.
Requirements
Hands-on experience with Linux administration.
Strong understanding of CI/CD pipelines and experience with tools such as GitLab CI, Jenkins, or GitHub Actions.
Practical experience with Docker and Kubernetes.
Familiarity with cloud platforms and/or on-premise infrastructure.
Good understanding of application security, infrastructure security, and secure software development practices.
Experience with vulnerability management, logging, and SIEM solutions.
Scripting experience using Bash, Python, or similar languages.
Strong understanding of networking and security fundamentals.
Ability to analyze security risks, communicate technical findings clearly, and work effectively with cross-functional teams.
Nice to Have
Experience with tools such as Trivy, SonarQube, OWASP ZAP, Falco, or similar security solutions.
Familiarity with DevSecOps maturity models or Zero Trust architecture.
Security-related certifications such as Security+, CEH, CKA, or CKS.
Experience working in enterprise or regulated environments.
ما حاصل ایدهای هستیم که سال ۹۵ شکل گرفت؛ «بیمیتو» که چند سال بعد با «ازکی» ادغام شد و با اسم Azki.com به حرکت خودش ادامه داد. شروع تاریخ ما از دنیای «مقایسه و خرید آنلاین بیمه بوده و صنعت بیمه رو هم سالها پیش دریانوردها استارت زدن. ما در ازکی شبیه دریانوردهایی هستیم که صاحب کشتیچههای خودمونیم و با همدیگه کشتی بزرگتری رو دنبال خودمون میکشونیم. این کشتی بزرگ و غولپیکر یعنی ازکی!
کار ما اینه که به آدما کمک کنیم که با مقایسه کردن بهترین تصمیم رو بگیرن.
ما با هم داریم یک بیزینس رو حرکت میدیم و این فرصت رو داریم که اینجا ایدههامون رو اجرا کنیم، با کنجکاوی توی ازکی گشت و گذار کنیم، تکههای این کشتی بزرگ و کشتی خودمون رو با تخصصمون بهتر کنیم یا از نو بسازیم.
ما میخوایم چیزی بسازیم که کاربرمون بگه:
«چه چیز خفن و باحالی!»