DevSecOps Engineer - Product Security at McAfee

, , India -

Full Time

Start Date

Immediate

Expiry Date

03 Sep, 26

Salary

0.0

Posted On

05 Jun, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

SAST, DAST, SCA, CI/CD, GitHub Actions, Jenkins, Harness, Terraform, AWS, Azure, GCP, Git, GitHub, Software Supply Chain Security, Automation, Build Hardening

Industry

Computer and Network Security

Description

Role Overview: The Product Security DevSecOps Engineer is a hands-on technical role responsible for ensuring the technologies that support the Secure Development Lifecycle (SDLC) are secure, correctly configured, and operating effectively at scale. This role owns the product security tooling ecosystem and secure build environment, working closely with Engineering, DevOps, and Product Security teams to embed security into CI/CD pipelines with minimal friction and maximum risk reduction. The ideal candidate is highly comfortable in developer and build environments, understands how software is built and shipped, and focuses on improving signal quality, adoption, and overall security outcomes through tooling, automation and build hardening. This is a Hybrid position located at our Bangalore, India development center. You will be required to be on-site 2 to 3 days per week. When you are not working on-site, you will be working from your home office. We are only considering candidates within a commutable distance to our Bangalore office and are not offering relocation assistance at this time. About the Role: You will own, operate and optimize the Product Security tech stack, building and maintaining security controls that integrate seamlessly across CI/CD pipelines. You will champion shift-left security practices across engineering teams working on microservices, mobile and thick client applications, ensuring consistent scanning, policy enforcement, and artifact integrity. You will drive and build pipeline hardening, ensuring CI/CD environments are securely configured, protected from supply chain and pipeline risks. You will collaborate with Engineering , DevOps to embed security tooling and hardened build practices into CI/CD workflows, while running hygiene and improvement campaigns such as dependency cleanup and policy adoption. You will build automation for scan execution, triage, ticketing, and security metrics and reporting while supporting product security incidents by rapidly assessing exposure across repositories, pipelines, and published artifacts. About You: 5 –7 years of hands-on experience integrating security testing tools such as SAST (e.g., CodeQL, Checkmarx), DAST (e.g., Burp Suite), and SCA (e.g., Snyk, Dependabot) into build pipelines. You should have strong experience in software engineering, build or DevOps environments, including Git/GitHub, CI/CD, and artifact repositories. You should have hands-on experience with CI/CD tools such as GitHub Actions, Jenkins, Harness or Terraform, along with familiarity with cloud platforms like AWS, Azure or GCP. You should have a solid understanding of software supply chain security, secure build risks and be comfortable working directly with developers and product security teams to drive adoption and risk reduction. You should be a practical, clear communicator with strong automation, continuously improving mindset and a passion for enabling secure-by-default development through better tooling and hardened builds. #LI-Hybrid Company Overview McAfee is a leader in personal security for consumers. Focused on protecting people, not just devices, McAfee consumer solutions adapt to users’ needs in an always online world, empowering them to live securely through integrated, intuitive solutions that protects their families and communities with the right security at the right moment. Company Benefits and Perks: We work hard to embrace diversity and inclusion and encourage everyone at McAfee to bring their authentic selves to work every day. We’re proud to be Great Place to Work® Certified in 10 countries, a reflection of the supportive, empowering environment we’ve built where people feel seen, valued, and energized to reach their full potential and thrive. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees. Bonus Program Pension and Retirement Plans Medical, Dental and Vision Coverage Paid Time Off Paid Parental Leave Support for Community Involvement We're serious about our commitment to diversity which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status. McAfee recognizes and supports its obligation to reasonably accommodate applicants and employees with disabilities. We are here to help. Please let us know if you need a reasonable accommodation for any part of the application, interviewing, hiring, or at any other time during the employment process. Please do not include personal medical information in the email. Diversity is foundational for our business success. We want to be a workplace of choice for all people and we value the unique perspectives offered by a diverse workforce. McAfee does not unlawfully discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity or expression, national origin, citizenship, disability, protected veteran status, age, ancestry, medical condition, genetic information, marital status, pregnancy, or any other legally protected status. This principle applies to all areas of employment: recruitment and hiring, training, performance evaluations, promotions and transfers, compensation and benefits, and social and recreational programs. McAfee desires to be an employer of choice with an inclusive environment for all individuals. As part of this goal and in compliance with various laws and regulations, McAfee provides reasonable accommodation to applicants and employees. Requests for reasonable accommodation for applicants and employees are evaluated on a case-by-case basis. By submitting your CV/resume, McAfee will use the personal data that you have submitted in order to consider your application for a relevant role. McAfee processes personal data in accordance with its Privacy Policy (https://www.mcafee.com/enterprise/en-gb/about/legal/privacy.html).

Responsibilities

Own and optimize the Product Security tech stack by integrating security controls into CI/CD pipelines. Drive pipeline hardening and shift-left security practices to reduce risk across microservices and applications.