Naveen Raj R
Chennai
Summary
DevSecOps Engineer with 3 years of experience designing and securing CI/CD pipelines, enabling cloud-native deployments, and strengthening software delivery security. Skilled in Kubernetes, ArgoCD, Helm, and Terraform, with proven ability to embed security-first practices into DevOps culture. Experienced in orchestrating secure multi-cloud infrastructure and implementing runtime protection, SBOMs, and IaC scanning. Recognized for strong problem-solving skills, adaptability, and delivering secure, scalable, and resilient solutions.
Overview
3
3
years of professional experience
Work History
DevSecOps Engineer - Automation
M2P Fintech
Chennai
01.2023 - Current
- CI/CD Pipeline: Designed and automated secure CI/CD pipelines using GitHub Actions, integrating advanced security scans (SAST, SCA, secret detection), automated gating to prevent insecure Docker image pushes, Cosign image signing, and DefectDojo for vulnerability management. Incorporated Checkov for infrastructure-as-code scanning to enforce security posture.
- GitOps: Implemented policy-driven deployments using ArgoCD, enforcing secure, declarative, and auditable releases of critical DevSecOps tools across production environments.
- Monitoring & Alerting: Built an enterprise-grade observability stack utilizing StackRox, Grafana, Prometheus, and GoAlert to improve incident response readiness and ensure compliance with security SLAs.
- IaC Security Scanning: Automated Helm chart and Terraform script scanning with Checkov, significantly reducing misconfigurations and audit risks.
- CSPM: Deployed an agent in clusters across AWS, GCP, and Azure environments with root-level read access permissions. This agent collects comprehensive cloud resource inventories and continuously scans them for compliance with security best practices and regulatory standards, enabling proactive cloud security posture management.
- Helm Chart Development: Built and maintained secure Helm charts for DevSecOps applications, ensuring standardized, auditable, and error-resistant deployments.
- Runtime Security: Deployed and managed StackRox agents across Kubernetes clusters, implementing strict admission control to block noncompliant workloads and enforce runtime policies.
- SBOM (Software Bill of Materials): Established automated SBOM generation pipelines with license validation and Vulnerability Exploitability eXchange (VEX) prioritization to strengthen software supply chain compliance and enable effective vulnerability prioritization.
Education
M.Tech - Structural Engineering
SRM University
B.E. - Engineering
Veltech Engineering College
Skills
- Jenkins / GitHub Actions
- Docker
- ArgoCD ( GitOps )
- Helm
- Container Orchestration
- CI/CD Pipeline
- CSPM
- IaC Security (Helm & Cloud Provider)
- Cosign
- SBOM (License Validation & VEX) & CBOM
- AWS
- Terraform (IaC)
- Runtime Security
- Grafana
- Shell / GitHub Action Workflows
- Nextjs / Reactjs
Designation
Title: DevSecOps Engineer
Timeline
DevSecOps Engineer - Automation
M2P Fintech
01.2023 - Current
M.Tech - Structural Engineering
SRM University
B.E. - Engineering
Veltech Engineering College
Similar Profiles
Satyanarayana Murthy NSatyanarayana Murthy N
Scrum Master at M2P FintechScrum Master at M2P Fintech
Vinoth Kumar ManiVinoth Kumar Mani
Lead Engineer at M2P FinTechLead Engineer at M2P FinTech
AKSHAY JANARDAN MALAPAKSHAY JANARDAN MALAP
SDET 2 at M2P FintechSDET 2 at M2P Fintech
Franklin D.D. ArnoldFranklin D.D. Arnold
Associate Vice President at M2P FintechAssociate Vice President at M2P Fintech
Sanjay KSanjay K
Model-Based Developer (Software Engineer) at Bosch Global Software TechnologiesModel-Based Developer (Software Engineer) at Bosch Global Software Technologies