Remote policy: Full remote
Role description
Location: India
Focus on:
- Governance Processes
- Security Enablement
- Experience with Compliance
- Vulnerability management
How can you help us?
As a Platform Engineer in OutSystems R&D, you'll oversee governance activities related to our DevOps platforms, including container base images, GitHub, Azure DevOps (ADO), and related infrastructure. This role requires a balance of governance expertise with a solid understanding of DevSecOps practices, as you will be responsible for maintaining secure, compliant, and high-performing platform operations.
In this role you are expected to:
- Act as the primary owner of governance for container base images, GitHub repositories, Azure DevOps pipelines, and other DevOps and platform tools, ensuring they are secure, compliant, and high-performing.
- Collaborate closely with the Product Security team to align governance practices with organizational security and compliance strategies.
- Design and implement governance processes that enable teams to adhere to security and compliance requirements with minimal friction, ensuring a balance between innovation and risk management.
- Ensure compliance with industry standards and internal policies related to code security, data protection, and software lifecycle management.
- Work with DevOps and engineering teams to streamline workflows and enhance automation within governance frameworks.
- Assist in incident response activities related to DevOps platforms, including investigating security or operational incidents and implementing long-term remediations.
- Implement and manage automated solutions for vulnerability scanning, policy enforcement, and compliance monitoring within DevOps tools (e.g., GitHub Actions, ADO pipelines).
- Collaborate on CI/CD pipeline governance, managing secrets, and handling access control.
- Oversee the security, maintenance, and lifecycle of container base images, ensuring they meet compliance standards and are updated with the latest patches.
- Develop and maintain dashboards, compliance reports, and KPIs that provide actionable insights into platform governance, security posture, and operational health.
Main requirements
What you need to succeed in this job:
- Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent experience).
- Strong proficiency with GitHub, Azure DevOps, and containerization tools (Docker, Kubernetes).
- Experience implementing and managing governance frameworks within DevOps environments.
- Experience with the vulnerability management process and security tools, such as AppSec Testing (AST) platforms, Cloud Workload Protection Platforms (CWAPP), Cloud Native Application Protection Platforms (CNAPP), or similar platforms, with a focus on integrating these tools into CI/CD pipelines.
- Experience with SOC2 Type 2 and FedRAMP Moderate compliance requirements, including the specific security controls impacting DevOps and platform governance.
- Solid understanding of DevOps principles, including CI/CD, IaC, and container orchestration.
- Experience with cloud providers (Azure, AWS, or Google Cloud).
- Availability to participate in on-call rotations if required for critical incidents.
- Fluency in English and good communication skills