Overview
Skills
Job Details
Design, implement, and maintain secure CI/CD pipelines using AWS Code Pipeline, Code Build, and Code Deploy.
Automate infrastructure provisioning and management using Terraform and AWS CDK (Python).
Implement and manage blue/green deployment strategies for seamless, zero-downtime releases.
Integrate security scanning tools (SAST, DAST, SCA) and automated vulnerability checks into all stages of the CI/CD pipeline.
Collaborate with development and operations teams to establish and enforce secure coding and deployment standards.
Monitor and respond to vulnerabilities and threats across applications and cloud infrastructure.
Ensure compliance with security policies, governance frameworks, and industry best practices (e.g., OWASP, NIST, CIS).
Provide technical guidance and mentorship on DevSecOps principles and practices.
Maintain comprehensive documentation for security processes, configurations, and deployment strategies.
Required Qualifications
Proven experience as a DevSecOps Engineer with a strong background in cloud security and automation.
Deep hands-on experience with AWS services (Code Pipeline, Code Build, Code Deploy, IAM, EC2, Lambda, S3, CloudFormation).
Proficiency in Python for infrastructure automation with AWS CDK.
Strong expertise in Terraform for infrastructure-as-code (IaC).
Experience with Bitbucket for source control management.
Familiarity with Docker and Kubernetes for containerization and orchestration.
Experience with security tools such as Checkmarx and SonarQube.
Strong understanding of security frameworks (OWASP, NIST, CIS).
Excellent communication, problem-solving, and collaboration skills.
Preferred Certifications
AWS Certified DevOps Engineer
Certified DevSecOps Professional (CDP)
CISSP or equivalent security certifications