DevSecOps Engineer

Company: METRO Global Solution Center IN
Apply for the DevSecOps Engineer
Location: Pune
Job Description:

Job Description

  • Embed application security controls into CI/CD pipelines to provide accurate, actionable, and timely feedback to engineers.
  • Support the investigation, remediation, and validation of application security findings including the management of exceptions and false positives.
  • Conduct targeted code reviews in partnership with engineers and platform teams to identify security issues early and improve coding practices
  • Implement and maintain security controls, integrations, and automations required to ensure security and privacy by default across applications and their APIs.
  • Perform threat modeling exercises to identify abuse cases, threat actors, and appropriate preventative and detective controls
  • Participate actively in the engineer community led by METRO Corporate Information Security to define best practices, align way-of-working, prioritize and execute on the needed activities across application and API platforms.

Qualifications

Security experience in one, or more of the following:

  • Application security experience identifying, investigating, and remediating vulnerabilities across all stages of the SDLC.
  • Hands on experience writing and reviewing code and contributing to developer workflows such as design reviews, planning, and implementation.
  • Proven experience designing, implementing, and improving security tooling and CI/CD integrations, with focus on reducing noise and prioritizing risk.
  • Strong focus on developer experience with the ability to communicate security issues clearly.
  • Familiarity with application architectures, including monolithic and microservice based designs.
  • Solid understanding of frameworks such as OWASP Top 10, SAMM, ASVS, and FIRST principles
  • Comfort working across one or more programming languages such as Java, C++, Python, JavaScript or similar.

And:

  • Experience with LLMs, AI, and agentic coding platforms such as Github Co-pilot, Gemini, or Claude Code.
  • Proven experience as a security subject-matter expert, mentoring and raising awareness to security mandates.

Posted: February 24th, 2026

Similar Jobs: