Offensive DevSecOps Engineer

External

Logitech · Chennai, India

Full-timeHybridToday

AWSAzureBashCI/CDCloud SecurityDevSecOps

Cover Letter Connect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role

About the role

Logitech's security team is evolving the way it tests, validates, and automates security across a complex and diverse product ecosystem. As an Offensive DevSecOps Engineer , you will be responsible for building the tooling, automation, and testing strategies that keep Logitech's security posture continuously validated. You will develop custom security tools, integrate security into CI/CD pipelines, and conduct offensive testing across web applications, APIs, and cloud infrastructure. A core part of this role is building out an AI-assisted security testing strategy using modern AI models to scale code review, automate vulnerability triage, and enhance offensive testing workflows in ways that traditional tooling alone cannot achieve. You will work closely with the Product Security Architect and engineering teams, translating architectural security requirements into practical validation and ensuring that what is designed securely is also tested thoroughly.

Responsibilities

Security Tool Development & Deployment

Design, build, and maintain custom security automation frameworks, tooling, and integrations that scale the team's testing capabilities far beyond what off-the-shelf solutions can offer

Own the deployment, maintenance, and continuous improvement of the security team's internal tooling infrastructure

Develop automation that turns manual, repetitive security tasks into scalable, repeatable processes

AI-Assisted Security Testing Strategy

Build and own Logitech's AI-assisted security testing strategy - integrating models such as Opus 4.6 into CI/CD pipelines for context-aware automated code review, intelligent SAST/DAST triage, and vulnerability discovery at scale

Develop AI-powered offensive testing workflows, including automated payload generation, fuzzing, and LLM red teaming for Logitech's generative AI features (e.g., testing for prompt injection, jailbreaking, and insecure output handling)

Continuously evolve the strategy to cover emerging vulnerability classes, particularly those introduced by AI integrations

CI/CD Pipeline Security

Integrate security controls natively into CI/CD pipelines (GitHub Actions, GitLab CI, or equivalent), ensuring SAST, DAST, SCA, and secrets detection are embedded directly into developer workflows

Design pipeline thresholds and feedback mechanisms that provide developers with actionable, low-noise security signals without becoming a bottleneck to delivery

Own the ongoing tuning and optimization of automated security checks to minimize false positives and maximize signal quality

Offensive Operations

Conduct targeted internal penetration tests across web applications, APIs, and cloud infrastructure to validate the architectural standards defined by the Security Architect

Perform vulnerability validation and proof-of-concept development to accurately assess and communicate real-world exploitability and business impact

External Security Program Management

Act as the technical lead for all external security testing engagements - defining scopes, reviewing methodologies, and validating findings from third-party penetration testing firms

Manage Logitech's bug bounty program: triage incoming reports, validate exploitability, communicate with researchers, and drive remediation workflows

What You Bring

Offensive DevSecOps Engineer

About the role

Responsibilities

Requirements

Additional Information

Your Match

Company Intel

What employees say

Interested in this role?