About Reputation
Reputation, founded in Silicon Valley in 2013, is the industry's sole platform that uses an AI-powered product stack to help companies measure, manage, and scale their real-time reputation performance everywhere, effectively functioning as a business's eyes and ears across all customer feedback channels to uncover predictive insights. This market leadership is reinforced by significant funding from top-tier firms like Bessemer Venture Partner, Kleiner Perkins, and Marlin Equity Partners, driving substantial annual recurring revenue from Global Fortune 1000 companies, major automotive OEMs, healthcare systems, and top property management firms, with trust from over 250 partners including Google and Meta. Recognized recently as America’s Greatest Midsized Workplaces by Newsweek which rewards excellence and career development, and attracts player-coaches, team-oriented collaborators, and individuals who value perseverance and hustle.
Overview:
We are seeking an accomplished Senior or Principal level DevSec Engineer to strengthen and advance our cloud security and DevSecOps posture. The ideal candidate will possess a deep understanding of secure software engineering, CI/CD automation, and cloud-native security practices across AWS, Azure, and GCP. This role combines hands-on technical expertise with strategic leadership, helping implement scalable, automated, and secure DevSecOps frameworks that safeguard our infrastructure and product environments.
You will play a key role in building secure-by-design systems, managing cryptographic frameworks, and leading automation across security monitoring, vulnerability management, and incident response.
Key Responsibilities:
1.
DevSecOps Architecture & Automation
Design and enhance secure CI/CD pipelines integrating SAST, DAST, dependency scanning, and container image scanning (e.g., Trivy, SonarQube, Snyk).
Implement automated policy enforcement using IaC and GitOps (Terraform, Helm, Ansible).
Lead multi-cloud security integration across AWS, GCP, and Azure, including IAM, KMS, and encryption services.
Drive automation of compliance, vulnerability management, and remediation workflows.
Collaborate with developers to embed security throughout the SDLC ('shift-left' security).
2. Cloud & Platform Security
Manage and secure Kubernetes and containerized workloads across QA, staging, and production.
Enforce secure configurations based on CIS Benchmarks, STIGs, and NIST 800-53 guidelines.
Implement key management, certificate lifecycle management, and cryptographic controls (PKI, RSA, ECC, AES, X.509).
Support multi-cloud IAM integration (Okta, JumpCloud, Duo, SailPoint) ensuring SSO and MFA best practices.
Oversee WAF management, network segmentation, and security hardening.
3. Security Operations & Monitoring
Lead vulnerability management using Qualys, Burp Suite, SonarCloud, and cloud-native scanners.
Monitor and manage endpoint protection via SentinelOne or equivalent EDR tools.
Perform secret detection and secure code review; coordinate with dev teams for rotation and remediation.
Integrate SIEM solutions and automate alerting for real-time threat detection.
Support and enhance incident response procedures, including detection, containment, and forensics.
4. Governance, Risk & Compliance
Ensure adherence to security and compliance frameworks (ISO 27001, SOC 2, NIST).
Contribute to security audits, automation of evidence collection, and reporting.
Maintain and evolve security documentation, standards, and runbooks for DevSecOps workflows.
Participate in vendor and third-party risk management, assessing security posture and integration risks.
5. Leadership & Continuous Improvement
Mentor junior security and DevOps engineers; promote secure engineering culture across teams.
Evaluate and introduce emerging tools for threat modeling, scanning, and cryptographic management.
Drive automation-first initiatives to reduce operational overhead and human error.
Lead post-incident reviews and contribute to architecture improvements.
Required Skills & Qualifications:
Preferred candidate will have Master’s degree/PhD in computer science/Computer Engineering /Cyber security or in a relevant field with 15+ years of experience in DevSecOps, Security Engineering, or Cloud Security roles.
Strong knowledge of PKI, KMS, and cryptographic standards (RSA, AES, ECC, SHA, TLS).
Hands-on expertise in CI/CD automation, Kubernetes, Docker, and cloud services (AWS, GCP, Azure).
Proficiency with Terraform, Ansible, and scripting languages (Python, Go, or Bash).
Deep understanding of IAM, SSO/MFA, and federated identity protocols (OAuth 2.0, OIDC, SAML 2.0).
• Experience managing WAFs, EDR, and SIEM solutions.
• Familiarity with security frameworks (ISO, NIST, CIS Benchmarks).
Preferred / Nice to Have:
Certifications: CKA, CKS, CISSP, Security+, Terraform Associate, or CEH.
Experience with Venafi CLM, Gemalto Key Secure, or HSM integrations.
Exposure to Zero Trust architectures and threat modeling methodologies.
Prior involvement in cloud audit automation and compliance tooling.
Soft Skills:
Strategic, analytical, and detail-oriented mindset.
Our Benefits & Perks
We believe our people deserve to feel supported, valued, and rewarded both in and out of work. That’s why we offer a generous and thoughtfully designed benefits package, including:
Health Insurance & Wellness Benefits:
Group Health Insurance: Medical Insurance with floater policy of up to Rs 10,00,000 for employee + spouse + 2 dependent children + 2 parents / parent-in-laws
Maternity Benefits:
Medical insurance up to 75,000 INR, 26 weeks of leave for birth, adoption or surrogacy
Life Insurance:
Insurance at 3x annual cost to the company (Term Insurance, GPA)
Accident/Disability Insurance:
Insured at 3x base salary for permanent total disability, permanent partial disability and temporary total disability (GPA)
OPD:
As part of your health benefits, Employees are entitled to an annual OPD allowance of ₹7,500. This can be used for doctor consultations, diagnostic tests, and prescribed medications. The benefit is applicable to both the employee and eligible dependents and should be claimed within a month's time.
AHC:
All employees are eligible for one complimentary Annual Health Check each year. Employees may also extend this benefit to their dependents, they can avail the same package at the specially negotiated rates, payable by the employee.
Leaves
Company Holidays:
10 paid holidays per year (see annual Holiday Calendar)
Casual/Sick Leave:
12 days per year (pro-rated)
Earned Leave:
2 days per month (pro-rated)
Extended Company Holidays:
4 additional paid days off
Maternity Leave:
6 months
Paternity Leave:
10 working days
Bereavement Leave:
10 working days
Car Lease:
Reputation is offering a Car Lease Program that allows employees to lease a car with no upfront cost or down payment. They benefit from a fixed monthly lease rental and 20-30% tax savings.
We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
To learn more about how we handle the personal data of applicants, visit our
Candidate Privacy Notice
.
Applicants only - No 3rd party agency candidates.
