Software Development Engineer - III

Open Source
ARGO
Deployment
Parsing
Identity and Access Management
GitLab
GitHub
AWS EKS
Terraform
Kubernetes
Amazon Web Services
SAML
Okta
Continuous Integration/Delivery
Structured Software
Python
Description:

DevSecOps Engineer – Security Automation & Pipeline Development 

It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.

Benefit options available through Magnit Global, depending on contract factors and upon meeting requirements.

 

About The Work

We are seeking a DevSecOps engineer to help secure our AWS EKS Kubernetes environment and CI/CD pipeline as we prepare for a FedRAMP High audit. We run 350 container images on AWS EKS. FedRAMP expertise is not required, but deep familiarity with container technology and security is essential. 

Responsibilities 

  • Upgrade vulnerable containers in collaboration with the DevSecOps team, testing and promoting updates to production.
  • Apply cloud hardening and maintain Terraform/Ansible code to enforce security settings across AWS services and Kubernetes nodes per STIG and CIS benchmarks.
  • Design and maintain automated container patching pipelines including base image refresh, rebuild triggers, and automated PR generation.
  • Build and maintain vulnerability scanning workflows using Grype and/or Trivy as pipeline gates blocking promotion of images exceeding CVE thresholds.
  • Build and manage Argo Workflows orchestrating end-to-end patch automation from scanning through remediation, rebuild, and deployment.
  • Write Python-based tooling supporting pipeline logic, scan result parsing, notification routing, and patch orchestration.
  • Own GitHub-based development workflow: branch strategy, PR creation/review, code quality standards, and merge gate enforcement.
  • Conduct code reviews ensuring changes meet security, quality, and operational standards before production promotion.
  • Maintain production readiness practices including testing, peer review, rollback procedures, and deployment validation.
  • Analyze Kubernetes IAM configurations and RBAC policies to identify overprivileged roles, misconfigurations, and deviations from least-privilege principles.
  • Review and harden Kubernetes network setup and segmentation including network policies, namespace isolation, and inter-service communication controls.
  • Audit certificate usage across the cluster and pipeline, ensuring proper issuance, validity, and automated rotation; verify secrets are rotated on schedule and not hardcoded or overexposed.
  • Scan codebases, repos, and infrastructure configs for exposed secrets using open source tools such as Hedgehog and equivalent secret detection utilities.
  • Scan S3 buckets for exposed secrets and sensitive data, remediating findings and implementing preventive controls.
  • Review network, WAF, and Istio logs to map existing traffic flows and service communication patterns in preparation for network segmentation and a deny-by-default lockdown posture.
  • Develop automations for WAF rule creation and tuning based on observed traffic patterns and threat intelligence.
  • Leverage Claude to accelerate security research, organize remediation plans, and develop Python-based tooling for non-production-impacting automation and analysis tasks.
  • Minimum of a Bachelor's degree in a relevant field.

Core Platform & Cloud: AWS EKS, Kubernetes, Terraform, Ansible, ArgoCD, Argo Workflows, GitLab, GitHub

Security & Compliance: FedRAMP, STIG, CIS Benchmarks, RBAC, IAM, Okta/OIDC, SAML, WAF, Istio, Network Segmentation, Certificate Management, Secrets Rotation, Least Privilege

Scanning & Tooling: Grype, Anchore, Hedgehog, S3 Scanning, Vulnerability Scanning, Secrets Detection

Development: Python, CI/CD Pipelines, Code Review, PR Management, Patch Automation

AI: Claude, AI-Assisted Coding

 

Equal Opportunity Employer

Magnit Global is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

 

QUALIFICATION/LICENSURE:
  • Work Authorization: Not specified
  • Travel Required: No travel required
  • Shift timings: Not specified
Job Location: Bangalore, Karnataka (Hybrid)
Contract Duration: 6 month(s)