ArgoCD, Jenkins, Artifactory, DevSecOps Engineer

We are seeking a ArgoCD, Jenkins, Artifactory, DevSecOps Resource having 8+ years ofprofessional experience to build secure CI/CD pipelines using Jenkins and Artifactory, implementing GitOps deployments with ArgoCD on Kubernetes, and integrating automated security scans (SAST, DAST, SCA) to "shift-left" security. The engineer will manage infrastructure as code, enhance vulnerability management, and automate security guardrails.

This role requires close collaboration with cross?functional teams, adherence to Engineering standards, Architecture patterns and Agile practices, and ownership of service quality and delivery., * Pipeline Orchestration (Jenkins): Architect and maintain end-to-end CI/CD pipelines using Jenkins (often leveraging Shared Libraries or Jenkins MPL) to automate builds, testing, and security scanning.

• CI/CD & GitOps: Design, implement, and maintain CI/CD pipelines using Jenkins and GitOps workflows with ArgoCD for Kubernetes environments.
• GitOps & Continuous Delivery (ArgoCD): Implement and optimize declarative, GitOps-based deployment workflows using ArgoCD to manage the state of Kubernetes clusters.
• Artifact Management: Manage and optimize Artifactory for securing and storing container images, libraries, and binary artifacts.
• Artifact Management (JFrog Artifactory): Manage the full lifecycle of software binaries and dependencies; integrate Artifactory with automation to ensure only scanned, approved artifacts reach production.
• "Shift-Left" Security: Embed automated security tools-such as SAST (Static Analysis), SCA (Software Composition Analysis), and DAST (Dynamic Analysis)-directly into Jenkins pipelines to identify vulnerabilities early.
• Infrastructure as Code (IaC): Automate security guardrails and infrastructure provisioning using Terraform, Helm, or similar tools.
• Infrastructure as Code (IaC): Provision and secure cloud infrastructure using Terraform or Pulumi, ensuring all resources follow "least-privilege" and compliance standards
• Security Integration (DevSecOps): Integrate automated SAST, DAST, SCA, and container scanning tools into pipelines, maintaining high signal-to-noise ratios.
• Vulnerability Management: Perform threat modeling, manage secrets, and respond to vulnerabilities (CVEs).
• Policy-as-Code: Implement automated compliance checks using tools like Open Policy Agent (OPA) or Kyverno.
• Monitoring & Compliance: Monitor and scale infrastructure, ensuring compliance with standards such as SOC2, HIPAA, or GDPR

• Experience in DevOps, Platform Engineering, or SecOps.
• Strong understanding of containerization and orchestration (Kubernetes).
• Hands-on experience implementing automated security controlsTools: ArgoCD, Jenkins, Artifactory, Kubernetes, Docker, Terraform.
• Security: SAST/DAST tools, vulnerability management, secrets management (e.g., Vault), network security.
• Security Tooling: Hands-on experience with scanners like Snyk, SonarQube, Trivy, or Prisma Cloud
• Containerization: Deep understanding of Docker and Kubernetes (EKS, GKE, or AKS) for orchestrating microservices
• Scripting/Languages: Proficiency in Python, Bash, or Groovy.
• Platforms: Cloud platforms (GCP), Kubernetes, Git
• Artifact Tools: Advanced experience with JFrog Artifactory for repository management and build info tracking
• Experience with GCP services.
• Knowledge of monitoring tools such as Prometheus, Grafana, or ELK stack.
• Understanding of distributed tracing and logging.
• Cloud concepts like fundamentals, App Configuration / App Settings, Key Vault, Cache, Service Bus (queues/topics), Event driven architecture, Blob Storage, cloud security, scalability, and resiliency patterns
• Understanding of Microservice Development design, implementation, Middleware (Kafka), filters, exception handling, logging, Authentication and authorization (JWT/OAuth concepts), Performance optimization and secure coding practices
• Agile and Collaboration Tools: Sprint planning, work item tracking, and agile delivery, Technical documentation and knowledge sharing

Soft Skills

• Strong problem-solving and analytical skills
• Clear communication with technical and non?technical stakeholders
• Ownership mindset and production?grade engineering discipline

Ability to work independently and within cross?functional teams