Iranian company dealing only with Iranian entities
1395
Privately held
Company score
4.2
insurance
Aَzki is a website for comparing, buying and managing insurance online. With the help of Azki, you can compare and consciously buy all the information you need, including price, insurance coverage and quality of services of different insurance companies.
We are looking for a DevSecOps Engineer to help us build secure, reliable, and scalable software delivery processes by integrating security into every stage of the development lifecycle. In this role, you will work closely with Development, DevOps, and Security teams to automate security controls, strengthen infrastructure, and ensure our products are delivered securely without compromising development speed. Responsibilities
Design, implement, and maintain secure CI/CD pipelines.
Integrate security tools such as SAST, DAST, SCA, Secret Scanning, Container Security, and IaC Security into development workflows.
Automate infrastructure provisioning and security using Infrastructure as Code (IaC).
Harden Linux systems, containers, Kubernetes clusters, and cloud/on-premise environments.
Monitor vulnerabilities, security events, and logs to identify and mitigate risks.
Collaborate with Development, DevOps, Infrastructure, and Security teams to improve security practices.
Define, implement, and enforce security policies, standards, and best practices.
Participate in security incident response, root cause analysis, and remediation activities.
Continuously improve DevSecOps processes and promote a security-first culture across engineering teams.
Requirements
Hands-on experience with Linux administration.
Strong understanding of CI/CD pipelines and experience with tools such as GitLab CI, Jenkins, or GitHub Actions.
Practical experience with Docker and Kubernetes.
Familiarity with cloud platforms and/or on-premise infrastructure.
Good understanding of application security, infrastructure security, and secure software development practices.
Experience with vulnerability management, logging, and SIEM solutions.
Scripting experience using Bash, Python, or similar languages.
Strong understanding of networking and security fundamentals.
Ability to analyze security risks, communicate technical findings clearly, and work effectively with cross-functional teams.
Nice to Have
Experience with tools such as Trivy, SonarQube, OWASP ZAP, Falco, or similar security solutions.
Familiarity with DevSecOps maturity models or Zero Trust architecture.
Security-related certifications such as Security+, CEH, CKA, or CKS.
Experience working in enterprise or regulated environments.