• Architect, implement, and secure CI/CD pipelines (GitHub, GitLab, Jenkins) integrating automated security controls aligned with ASL/SDL requirements
• Operate and secure containerized platforms (Docker, Kubernetes) with strong adherence to DevSecOps and cloud security best practices
• Design and manage secure cloud-native architectures (preferably Microsoft Azure), including identity, networking, and platform security controls
• Implement and maintain DevSecOps toolchains, integrating security scanning solutions (SAST, DAST, SCA, container scanning) into build and release processes
• Develop and manage Infrastructure as Code (Terraform, Helm) to enable compliant, repeatable, and automated environment provisioning
• Ensure observability and reliability through logging, monitoring, alerting, and incident response frameworks for production-grade systems
• Automate operational workflows and security controls using Python scripting and platform automation techniques
• Enable data-driven decision making by developing dashboards and insights using Power BI (or similar tools), aligned with ASL KPIs and security metrics
• Leverage platforms such as Microsoft Fabric (or equivalent) for data integration, pipeline orchestration, and analytics
• Collaborate with Security, SDL, and Product teams to enforce secure development practices and improve overall application security posture
• Support high-availability and resilient systems, ensuring continuous, secure service delivery across environments