DevSecOps Manager
MoEngage
About MoEngage:
MoEngage is an insights-led customer engagement platform trusted by 1,350+ global consumer brands, including McAfee, Flipkart, Domino’s, Nestle, Deutsche Telekom, and OYO. MoEngage combines data from multiple sources to help brands gain a 360-degree view of their customers. MoEngage Analytics arms marketers and product owners with insights into customer behavior.
Brands can leverage MoEngage Personalize to orchestrate journeys and build 1:1 conversations across the website, mobile, email, social, and messaging channels. MoEngage Inform, the transactional messaging infrastructure, helps unify promotional and transactional communication to a single platform for better insights and lower costs. MoEngage’s AI Suite helps marketers develop winning copies and creatives, optimize campaigns and channels that boost engagement, and help with faster execution.
For over a decade, consumer brands in 60+ countries have been using MoEngage to power digital experiences for over a billion monthly customers. With offices in 15 countries, MoEngage is backed by Goldman Sachs Asset Management, B Capital, Steadview Capital, Multiples Private Equity, Eight Roads, F-Prime Capital, Matrix Partners, Ventureast, and Helion Ventures.
MoEngage was named a Contender in The Forrester Wave™: Real-Time Interaction Management, Q1 2024 report, and Strong Performer in The Forrester Wave™ 2023 report. MoEngage was also featured as a Leader in the IDC MarketScape: Worldwide Omni-Channel Marketing Platforms for B2C Enterprises 2023.
About the Role
We are seeking a highly experienced DevSecOps Manager to lead the architecture and execution of our entire DevSecOps framework. Your core mission is to champion the "Secure by Design" philosophy and leverage a deep engineering mindset to drive the program. This perspective will be essential for facilitating faster issue identification and building proactive solutions to mitigate potential issues and delivery blockers. You will balance aggressive high-velocity delivery goals with uncompromising security and compliance to build a secure, resilient and highly scalable system.
You will have deep technical ownership of our Multi-Cloud environment (AWS & GCP), container orchestration (Kubernetes), and CI/CD workflows, while proactively managing our Cloud Security Posture.
Key Responsibilities
1. Infrastructure & Cloud Architecture
-
Facilitate SRE/Engineering teams to Create, deploy, and manage secure, scalable infrastructure across AWS and GCP (knowledge of Azure is a plus).
-
Implement Infrastructure as Code (IaC) using Terraform to ensure reproducible, auditable, and compliant environments.
-
Manage and harden Linux-based application servers, ensuring OS-level security and performance tuning.
2. Cloud Security & Compliance (New Focus)
-
IAM Governance: Design and enforce strict Identity and Access Management (IAM) policies based on the Principle of Least Privilege (PoLP).
-
CSPM Management: Implement and manage Cloud Security Posture Management tools (e.g., AWS Security Hub, GCP Security Command Center, or Wiz) to detect misconfigurations in real-time.
-
Audit & Compliance: Ensure infrastructure meets industry benchmarks (CIS Benchmarks, SOC2 etc.) and manage automated compliance checks.
-
Encryption: Manage secret lifecycles using HashiCorp Vault or AWS KMS/GCP KMS, ensuring data is encrypted at rest and in transit.
3. Containerization & Orchestration
-
Design and maintain production-grade Kubernetes clusters (EKS/GKE).
-
Implement Container Security best practices, including image scanning (Trivy/Clair/Wiz) and runtime security (Falco).
4. CI/CD & Automation
-
Build and optimize end-to-end CI/CD pipelines using Jenkins, Harness, or Woodpecker.
-
Write advanced automation scripts using Python and Shell (Bash) to auto-remediate security incidents (e.g., automatically isolating a compromised instance).
-
Utilize Configuration Management tools like Ansible to enforce security configurations across all servers.
5. Secure CDN & Edge Architecture
-
Design Secure CDN architectures, implementing comprehensive WAF rules and DDoS protection.
-
Ensure "Origin Security" to prevent attackers from bypassing the CDN to hit the servers directly.
6. Observability & Reliability
-
Maintain a robust monitoring stack using Prometheus, Grafana, and ELK/Sumologic/Coralogic.
-
Implement security logging and alerting (SIEM integration) to detect anomalies in traffic or access patterns.
7. Project & Team Management
-
Drive effective project management for DevSecOps initiatives, defining clear scope, managing dependencies, and ensuring timely, high-quality delivery.
-
Drive end-to-end automation for controls, compliance enforcement, and incident response, striving for self-healing infrastructure and zero-touch operations.
-
Mentor and lead technical team members, fostering a collaborative, knowledge-sharing environment that promotes best practices in security and automation.
Required Technical Skills
Core DevOps & Systems:
-
OS: Expert-level Linux administration and hardening [mandatory].
-
Scripting: Python & Shell for automation and security tooling integration [mandatory].
-
SCM: GitHub (Security features: Dependabot, CodeQL).
Cloud & Security:
-
Cloud Providers: AWS (GuardDuty, Inspector, KMS, WAF) & GCP (IAM, VPC Service Controls) [mandatory].
-
Cloud Security: Experience with CSPM tools (Wiz) and Compliance frameworks (CIS).
-
Container Security: Kubernetes Network Policies, Pod Security Standards, Image Signing.
Tools Stack:
-
Orchestration: Kubernetes, Docker.
-
IaC: Terraform.
-
CI/CD: Jenkins, Harness, Woodpecker.
-
Config Mgmt: Ansible, Chef.
Observability: NewRelic, Prometheus, Grafana, ELK Stack.
At MoEngage, we respect and value differences. We believe that when people from diverse backgrounds and perspectives collaborate, we create the most value – for our clients, our employees, and society. We embrace diversity and uphold a strong set of values. We are committed to inclusivity and take pride in providing equal opportunities for success and growth.
Employment at MoEngage is based solely on professional competence, skills, and experience. We stand firmly against all forms of discrimination and support equal rights and opportunities regardless of gender, ethnicity, abilities, age, identity, orientation or expression, marital status (including pregnancy), religion and beliefs, or any other status protected by law.
It is our policy to comply with all applicable national, state, and local laws related to non-discrimination and equal opportunity. MoEngage is truly a place where everyone can bring their passions, authentic selves, and talents to work, collaborating to drive progress and solve meaningful challenges.
Why Join Us!
At MoEngage, we are passionate about our team and technology - see below to know more about us.
We handle more than a billion messages every day. Rest assured, you will be surrounded by really smart and passionate people as we scale much more to build a world-class technology team.