Cognizant is a leading technology company that helps clients modernize technology and transform experiences. They are seeking a highly skilled Security Engineer to integrate security across the software development lifecycle, secure CI/CD pipelines, and implement cloud-native security controls while collaborating with various teams to ensure secure application and infrastructure development.
Responsibilities:
- Design, implement, and enhance DevSecOps practices across CI/CD pipelines
- Integrate security controls, scanning tools, and policy enforcement into build and deployment workflows
- Perform security reviews of Infrastructure as Code (IaC) templates and cloud-native architectures
- Implement and maintain container and Kubernetes security best practices
- Analyze and interpret findings from SAST, SCA, DAST, container, and IaC security scans
- Partner with development teams to remediate vulnerabilities and improve security posture
- Coach and mentor developers on secure coding standards and security-by-design principles
- Develop security guardrails, policies, and automated compliance checks within CI/CD pipelines
- Conduct threat modeling, security assessments, and risk reviews for cloud-native applications
- Work with platform and cloud teams to implement security controls across Kubernetes environments
- Monitor emerging threats, vulnerabilities, and industry security trends and recommend mitigations
- Support incident investigations related to application, container, and cloud security
Requirements:
- 6+ years of experience in Cybersecurity, DevSecOps, Application Security, or Cloud Security
- Strong knowledge of CI/CD pipeline orchestration and automation
- Hands-on experience with tools such as Jenkins, GitLab CI/CD, GitHub Actions, Azure DevOps, or similar
- Strong understanding of Infrastructure as Code (Terraform, CloudFormation, ARM, Helm, etc.)
- Experience securing IaC using tools such as Checkov, tfsec, Terrascan, or equivalent
- Hands-on experience with container security and hardening using Docker and Kubernetes
- Deep expertise in Kubernetes security concepts including: RBAC, Network Policies, Pod Security Standards, Admission Controllers, Secrets Management, Runtime Security
- Experience with SAST, SCA, and DAST tools such as: Snyk, Checkmarx, Veracode, SonarQube, Fortify, OWASP ZAP, Burp Suite
- Strong understanding of secure coding practices and application security principles
- Experience interpreting vulnerability findings and driving remediation efforts
- Knowledge of cloud security concepts across AWS, Azure, or GCP
- Strong communication and stakeholder management skills
- Experience with cloud-native security platforms and CNAPP solutions
- Familiarity with container security tools such as Trivy, Prisma Cloud, Aqua Security, Wiz, or Sysdig
- Knowledge of threat modeling methodologies and OWASP Top 10
- Experience working in Agile and DevOps environments
- Security certifications are preferred: Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), CISSP, CCSP, AWS/Azure Security Certifications