Logitech

Offensive DevSecOps Engineer

1w

Chennai, IN · Full-time · INR 3,000,000 – INR 6,000,000

About this role

Logitech's security team is evolving the way it tests, validates, and automates security across a complex and diverse product ecosystem. As an Offensive DevSecOps Engineer, you will build tooling, automation, and testing strategies that keep Logitech's security posture continuously validated. You will develop custom security tools, integrate security into CI/CD pipelines, and conduct offensive testing across web applications, APIs, and cloud infrastructure.

A core part of this role involves building an AI-assisted security testing strategy using modern AI models to scale code review, automate vulnerability triage, and enhance offensive testing workflows. You will work closely with the Product Security Architect and engineering teams, translating architectural security requirements into practical validation. This ensures that what is designed securely is also tested thoroughly.

Day-to-day tasks include designing custom security automation frameworks, owning AI integrations like Opus 4.6 into CI/CD for intelligent SAST/DAST triage, and developing AI-powered workflows for fuzzing and LLM red teaming. You will integrate security controls natively into pipelines like GitHub Actions or GitLab CI, tuning them to minimize false positives. Offensive operations feature targeted penetration tests and vulnerability proof-of-concepts.

You will act as technical lead for external security testing and manage the bug bounty program, triaging reports. This role offers flexibility to make a positive global impact in your own way, while continuously evolving strategies for emerging AI vulnerabilities. Growth comes from scaling testing capabilities beyond off-the-shelf tools.

Requirements

  • Experience building custom security automation frameworks and tooling for web, APIs, and cloud infrastructure
  • Proficiency integrating AI models into security workflows for code review, vulnerability triage, and offensive testing
  • Hands-on with CI/CD pipelines such as GitHub Actions or GitLab CI for embedding SAST, DAST, SCA, and secrets detection
  • Skills in penetration testing, fuzzing, payload generation, and LLM red teaming for AI features like prompt injection
  • Ability to design pipeline thresholds, feedback mechanisms, and tuning to reduce false positives
  • Knowledge of managing bug bounty programs and external pentest engagements including scope definition and findings validation

Responsibilities

  • Design, build, and maintain custom security automation frameworks, tooling, and integrations that scale testing capabilities
  • Own deployment, maintenance, and continuous improvement of the security team's internal tooling infrastructure
  • Build and own AI-assisted security testing strategy integrating models such as Opus 4.6 into CI/CD pipelines for code review and vulnerability triage
  • Develop AI-powered offensive testing workflows including automated payload generation, fuzzing, and LLM red teaming
  • Integrate security controls natively into CI/CD pipelines ensuring SAST, DAST, SCA, and secrets detection in developer workflows
  • Conduct targeted internal penetration tests across web applications, APIs, and cloud infrastructure
  • Perform vulnerability validation and proof-of-concept development to assess exploitability and business impact
  • Act as technical lead for external security testing engagements and manage the bug bounty program, triaging reports

Benefits

  • Flexibility to achieve positive global impact in your own way