Simyog

Menu
Client Login

DevSecOps Engineer

Job Title: DevSecOps Engineer

Job Summary:

We are looking for a DevOps Engineer to own and drive the entire build and release ecosystem for a C++ desktop software product. This is a high-impact individual contributor role, where you will be the single point of ownership for CI/CD pipelines, build systems, and automation across Windows and Linux environments. This role is best suited for someone who enjoys deep technical problem-solving, end-to-end ownership, and working closely with core engineering teams.

Note: This is not a cloud/infrastructure-focused DevOps role.

Roles and Responsibilities

  • Manage on-prem and cloud build infrastructure (e.g.,Jenkins, Bitbucket pipelines) across Windows and Linux platforms
  • Design, implement, and maintain CI/CD pipelines for desktop application builds
  • Build automation around desktop-specific technologies such as MSI/DMG packaging, signing, and auto-update frameworks.
  • Manage build environments, artifact repositories, code-signing infrastructure, and related tooling.
  • Optimize build performance, reliability, and reproducibility.
  • Develop internal tools and scripts to improve developer productivity and security posture (Python, PowerShell, Bash, etc.).
  • Embed security scanning (SAST, SCA, secrets scanning, dependency checks) into CI/CD pipelines.
  • Ensure secure code signing, certificate rotation, and integrity verification for desktop releases.
  • Integrate third-party libraries and tools into the build ecosystem
  • Work with Engineering to enforce secure coding guidelines and mitigate vulnerabilities.
  • Implement and manage security controls for build systems, deployment infrastructure, and development tooling.
  • Support threat modeling, risk assessments, and secure design reviews.
  • Partner with development teams to identify security gaps early and shift-left security practices.
  • Collaborate with QA to integrate automated tests and security checks into pipelines.
  • Contribute to incident response and post-mortems related to build or release issues.
  • Document processes, standards, and best practices for secure development and release.

Required Skills

  • 3–5+ years in DevOps, Security Engineering, or related roles.
  • Experience with CI/CD platforms (Jenkins, Bitbucket pipelines).
  • Strong scripting skills (Python, Bash, PowerShell).
  • Understanding of secure build pipelines, code signing, and artifact integrity.
  • Experience with desktop application build tools (MSBuild, CMake).
  • Solid understanding of OS internals (Windows, Ubuntu, Redhat) from a developer or operations perspective
  • Experience of integrating 3rd party libraries such as QT, HOOPS, etc.
  • Good understanding of job schedulers (LSF) and network file systems

Preferred Skills

  • Experience building installers (MSI/DMG/PKG), auto-updaters
  • Experience in Installshield, Licensing using Flexlm
  • Understanding of static code analysis, code coverage methods
  • Familiarity with hardening build infrastructure (zero-trust principles, credential hygiene, secrets management).
  • Experience with vulnerability management processes and tooling.
  • Familiarity with containerization and virtualization for build automation (Docker, VMs).

 Relevant Education + Experience

  • Bachelor’s degree in Engineering, Computer Science or related field
  • 2–3 years of professional DevSecOps experience
Job Type: Full Time
Job Location: Bengaluru

Apply for this position

Allowed Type(s): .pdf, .doc, .docx