Lead II - Software Security Tester - DevSecOps Security - Trivandrum/Bangalore - UST

Key Responsibilities

• Lead the design, implementation, and optimization of secure CI/CD pipelines across multiple projects, ensuring seamless integration of security controls.
• Configure and tune SAST tools such as Semgrep, and manage dynamic testing with Burp Suite and OWASP ZAP to identify and remediate vulnerabilities.
• Oversee SCA and SBOM processes, maintaining accurate component inventories and vulnerability tracking.
• Collaborate with development, QA, and operations teams to embed security best practices into the software delivery lifecycle.
• Mentor and coach junior security engineers, fostering a culture of continuous improvement and security awareness.

Requirements

• 10‑13 years of experience in DevSecOps, DevOps, or Security Engineering with proven lead-level impact.
• Expertise in CI/CD pipeline engineering, preferably with GitLab CI/CD.
• Hands‑on experience with SAST (Semgrep), DAST (Burp Suite, OWASP ZAP), and SCA/SBOM tools.
• Strong understanding of application security principles, threat modeling, and secure coding practices.
• Excellent communication skills and ability to influence cross‑functional teams.