ArgoCD, Jenkins, Artifactory, DevSecOps Engineer

We are seeking a ArgoCD, Jenkins, Artifactory, DevSecOps Resource having 8+ years of professional experience to build secure CI/CD pipelines using Jenkins and Artifactory, implementing GitOps deployments with ArgoCD on Kubernetes, and integrating automated security scans (SAST, DAST, SCA) to "shift-left" security. The engineer will manage infrastructure as code, enhance vulnerability management, and automate security guardrails.This role requires close collaboration with cross‑functional teams, adherence to Engineering standards, Architecture patterns and Agile practices, and ownership of service quality and delivery.Key ResponsibilitiesPipeline Orchestration (Jenkins): Architect and maintain end-to-end CI/CD pipelines using Jenkins (often leveraging Shared Libraries or Jenkins MPL) to automate builds, testing, and security scanning.CI/CD & GitOps: Design, implement, and maintain CI/CD pipelines using Jenkins and GitOps workflows with ArgoCD for Kubernetes environments.GitOps & Continuous Delivery (ArgoCD): Implement and optimize declarative, GitOps-based deployment workflows using ArgoCD to manage the state of Kubernetes clusters.Artifact Management: Manage and optimize Artifactory for securing and storing container images, libraries, and binary artifacts.Artifact Management (JFrog Artifactory): Manage the full lifecycle of software binaries and dependencies; integrate Artifactory with automation to ensure only scanned, approved artifacts reach production."Shift-Left" Security: Embed automated security tools—such as SAST (Static Analysis), SCA (Software Composition Analysis), and DAST (Dynamic Analysis)—directly into Jenkins pipelines to identify vulnerabilities early.Infrastructure as Code (IaC): Automate security guardrails and infrastructure provisioning using Terraform, Helm, or similar tools.Infrastructure as Code (IaC): Provision and secure cloud infrastructure using Terraform or Pulumi, ensuring all resources follow "least-privilege" and compliance standardsSecurity Integration (DevSecOps): Integrate automated SAST, DAST, SCA, and container scanning tools into pipelines, maintaining high signal-to-noise ratios.Vulnerability Management: Perform threat modeling, manage secrets, and respond to vulnerabilities (CVEs).Policy-as-Code: Implement automated compliance checks using tools like Open Policy Agent (OPA) or Kyverno.Monitoring & Compliance: Monitor and scale infrastructure, ensuring compliance with standards such as SOC2, HIPAA, or GDPRMandatory Technical Skills & CompetenciesExperience in DevOps, Platform Engineering, or SecOps.Strong understanding of containerization and orchestration (Kubernetes).Hands-on experience implementing automated security controlsTools: ArgoCD, Jenkins, Artifactory, Kubernetes, Docker, Terraform.Security: SAST/DAST tools, vulnerability management, secrets management (e.g., Vault), network security.Security Tooling: Hands-on experience with scanners like Snyk, SonarQube, Trivy, or Prisma CloudContainerization: Deep understanding of Docker and Kubernetes (EKS, GKE, or AKS) for orchestrating microservicesScripting/Languages: Proficiency in Python, Bash, or Groovy.Platforms: Cloud platforms (GCP), Kubernetes, GitArtifact Tools: Advanced experience with JFrog Artifactory for repository management and build info trackingExperience with GCP services.Knowledge of monitoring tools such as Prometheus, Grafana, or ELK stack.Understanding of distributed tracing and logging.Cloud concepts like fundamentals, App Configuration / App Settings, Key Vault, Cache, Service Bus (queues/topics), Event driven architecture, Blob Storage, cloud security, scalability, and resiliency patternsUnderstanding of Microservice Development design, implementation, Middleware (Kafka), filters, exception handling, logging, Authentication and authorization (JWT/OAuth concepts), Performance optimization and secure coding practicesAgile and Collaboration Tools: Sprint planning, work item tracking, and agile delivery, Technical documentation and knowledge sharingSoft SkillsStrong problem-solving and analytical skillsClear communication with technical and non‑technical stakeholdersOwnership mindset and production‑grade engineering disciplineAbility to work independently and within cross‑functional teams