Senior / Lead DevSecOps Engineer (AWS, Azure, Go)

We are looking for a dedicated **DevSecOps Engineer** to build, automate, and maintain the security framework for our fintech platform. In this role, you will focus on implementing "Security-as-Code" to ensure our financial applications and AI-driven features remain secure and reliable.You will be responsible for hands-on technical tasks, from hardening **Docker** environments to securing **AI models**, all while maintaining strict adherence to **PCI DSS** standards. This is a perfect opportunity for an engineer who thrives on technical execution and wants to scale a secure, modern fintech ecosystem. Key ResponsibilitiesCI/CD Security Integration : Design, implement, and manage **security gates** within CI/CD pipelines (e.g., GitHub Actions, GitLab CI) by integrating **SAST, DAST, and SCA** tools to detect and block vulnerabilities early in the delivery lifecycle.Cloud Engineering (AWS or Azure) : Design, secure, and operate multi-account / multi-subscription cloud environments. Implement **IAM/RBAC**, security baselines, network segmentation, and cloud-native security services (e.g., Azure Defender, Microsoft Sentinel, AWS Security Hub, GuardDuty).Container Security : Secure the full **Docker lifecycle**, including base image hardening, container image scanning, secure registries, runtime protection, and container orchestration security.Infrastructure as Code (IaC) : Build, maintain, and scale cloud infrastructure using **Terraform**, ensuring all environments are **reproducible, auditable, and version-controlled**, with zero manual configuration drift.AI Model & Data Security : Implement security controls for **AI / Machine Learning workflows**, focusing on protecting model endpoints, securing API integrations, controlling access to training and inference data, and preventing data leakage.PCI DSS Compliance & Security Controls : Act as the **Technical lead for PCI DSS** requirements, including: Vulnerability scanning (internal & ASV)Vulnerability scanning (internal & ASV)File Integrity Monitoring (FIM)Centralized logging and audit trailsSecure network segmentation and access controlThreat Modeling & Incident Response : Conduct threat modeling for new features and architectural changes. Lead technical response efforts during **security incidents, data breaches, or major cloud outages.Vulnerability Management : Own the end-to-end vulnerability management process across applications, containers, cloud infrastructure, and third-party dependencies, from identification and risk prioritization to remediation and verification.