Integrate security best practices into the DevOps pipeline (azure-devops) ensuring secure software delivery.

Conduct regular vulnerability assessments and provide recommendations for remediation.

Manage and secure Elasticsearch clusters, including RBAC, index-level permissions, encryption, and auditing.

Collaborate with development, operations, and security teams to design and implement security solutions.

Automate security processes, including code quality checks (SonarQube) and vulnerability scanning (SBOM, Trivy).

Monitor security metrics and prepare reports for stakeholders.

Stay up to date with emerging security threats, vulnerabilities, and industry best practices.

Respond to security incidents and lead post-incident investigations.

Provide training and guidance to team members on security best practices.

Strong expertise in DevOps and security tools (eg. SonarQube, SBOM, Docker, Kubernetes, Terraform, CICD tool etc).

Experience with security practices 

Hands-on experience with vulnerability assessment and penetration testing tools.

Vulnerability Assessment: Experience in identifying and mitigating security vulnerabilities.

Incident Response:

Strong automation skills to embed security into CI/CD workflows.