DevSecOps

Job Title :DevSecOps Location: Bangalore Department: PRE Reports to: Head of InfoSec Tookitaki is looking for an experienced Cybersecurity Professionals preferable from a product based company to join our team and help us build a strong DevSecOps culture. In this role, you will be responsible for implementing security controls and best practices throughout the software development lifecycle, with a focus on shifting security left. You will also be tasked with ensuring the security of our cloud infrastructure, particularly on AWS Roles & responsibilities:

• Collaborate with development teams to integrate security testing and controls into CI/CD pipelines
• Implement security as code practices to automate security checks and enforce policies
• Conduct security assessments and penetration testing to identify vulnerabilities early in the development process
• Provide guidance and training to developers on secure coding practices and common security pitfalls
• Develop and maintain security standards, guidelines, and controls for cloud infrastructure, particularly on AWS
• Monitor cloud environments for security incidents and anomalies, and respond accordingly
• Stay up-to-date with the latest cloud security best practices, threats, and compliance requirements

Requirements:

• 3+ years of experience in cybersecurity, with a focus on DevSecOps and cloud security
• Strong understanding of application security concepts and secure coding practices
• Proficiency in implementing security controls and testing in CI/CD pipelines using tools like Snyk, SonarQube or other shift-left products
• Experience with cloud security controls and best practices, particularly on AWS
• Knowledge of common cloud security threats, such as misconfigured S3 buckets, exposed

OKR

• Automate 80% of security checks within CI/CD pipelines using “security as code” practices.
• Maintain 100% compliance with internal security standards and external frameworks
• Reduce the average time to detect, respond, and resolve security incident
• Achieve integration of security practices in 90% of development projects.

Preferred Skills and Qualifications:

• Certifications such as AWS Certified Security - Specialty, SSCP, CSSLP.
• Experience with Infrastructure as Code (IaC) tools like Terraform and Cloud Formation
• Knowledge of cloud security monitoring and incident response best practices
• Familiarity with compliance frameworks like HIPAA, PCI-DSS, and GDPR
• Exposure to the FinTech industry.

Introducing Tookitaki Tookitaki is positioned as one of the most intelligent financial crime prevention platforms available. This distinction is driven by our innovative use of collective intelligence and a federated approach. Our Anti-Financial Crime (AFC) Ecosystem leverages an expert network that continuously updates and shares knowledge, acting as a force multiplier. This collaborative model significantly outperforms the siloed approaches used by our competitors, ensuring our clients benefit from the most comprehensive and up-to-date financial crime prevention strategies. Our Anti-Financial Crime (AFC) Ecosystem leverages a vast, community-driven repository of financial crime patterns, continuously updated by industry experts. Leading digital banks and payment platforms across Asia, including GXS, Tencent, Maya, and Boost, trust this approach to stay protected against evolving money laundering and fraud tactics. By joining this ecosystem, our clients can benefit from the collective intelligence of top industry players, ensuring unparalleled protection. We are supported by few of the best investors in the world showcasing our stability and growth while validated by external organizations like World Economic Forum (Technology Pioneer) and others Here is a snapshot of some of the awards we have received recently: