DevSecOps (DevOps) Engineer

				Overview:

Keysight is at the forefront of technology innovation, delivering breakthroughs and trusted insights in electronic design, simulation, prototyping, test, manufacturing, and optimization. Our ~15,000 employees create world-class solutions in communications, 5G, automotive, energy, quantum, aerospace, defense, and semiconductor markets for customers in over 100 countries. Learn more about what we do.

Our award-winning culture embraces a bold vision of where technology can take us and a passion for tackling challenging problems with industry-first solutions. We believe that when people feel a sense of belonging, they can be more creative, innovative, and thrive at all points in their careers.

As a DevSecOps Engineer, you will design, implement, and maintain secure, automated infrastructure pipelines for enterprise software delivery. This role combines expertise in infrastructure-as-code, containerization, and security compliance to ensure robust, scalable, and compliant deployments across hybrid environments.

Responsibilities:

* Infrastructure Automation
* Develop and maintain Packer templates for creating hardened VM and container images, ensuring compliance with internal security standards. 
* Collaborate with IT and product teams to streamline image pre-configuration for on-prem and cloud deployments.

* Containerization & Orchestration
* Build and manage multi-container environments using Docker Compose, Podman, and Kubernetes for application deployment. 
* Evaluate and implement alternatives for container orchestration in secure or air-gapped environments. 
* Create and maintain VMs both manually and via (CI/CD) provisioning.

* Security Integration
* Perform Black Duck scans and vulnerability assessments on source code, dependencies, and container images to meet SSDF and compliance requirements. 
* Address identified security issues by upgrading components and mitigating risks in CI/CD pipelines. 
* Collaborate with product security teams to enforce best practices for open-source compliance and license management.

* Continuous Improvement
* Integrate security scanning tools (e.g., Black Duck Detect, VMT) into Jenkins and other CI/CD platforms. 
* Monitor and optimize performance of security tools and container platforms, ensuring minimal downtime during maintenance windows. 

* Documentation
* Create instructions for both internal teams and customers to deploy, maintain, and upgrade images.
* Include documentation in the CI/CD pipeline.

Qualifications:

*  Strong experience with Packer, Docker, Docker Compose, and container orchestration tools (Kubernetes, Podman).
* Experience programming with Python, bash, etc.
* Proficiency in CI/CD pipelines and automation frameworks (Jenkins, GitLab CI).
* Hands-on experience with security scanning tools (Black Duck, SCA solutions) and remediation workflows.
* Knowledge of Linux administration and secure image creation for Debian/RHEL/Alpine environments.  
* Familiarity with compliance frameworks (SSDF, legal open-source reviews).
* Strong collaboration skills to work with cross-functional teams (IT, Product Security, R&D).

Preferred Qualifications

* Experience deploying solutions in air-gapped or high-security environments.
* Understanding of cloud-native security practices and container runtime hardening.
* Full stack development experience.

Note: Any use of AI assistance during interviews will result in immediate disqualification for this position.

Careers Privacy Statement***Keysight is an Equal Opportunity Employer.***
			

Apply

Share this job:

Share this Job

View company profile

Keysight Technologies Inc.

Connect To Our Company