DevSecOps Engineer

Title: DevSecOps Engineer Location: Remote
Description:
Client is seeking a DevSecOps Engineer to strengthen our software development lifecycle by embedding security practices into every stage of delivery. This role will work across development, operations, and security teams to ensure applications and infrastructure are secure, compliant, and resilient, while maintaining speed and efficiency in deployment.
The ideal candidate will be responsible for streamlining our development and operational processes, ensuring efficient deployment and management of applications in cloud environments. This role requires a strong understanding of cloud computing, IT infrastructure, and software development practices. You will work closely with development teams to implement CI/CD pipelines, manage cloud resources, and enhance system performance.

Key Responsibilities:
Design, implement, and maintain secure CI/CD pipelines with automated security checks.
Integrate application security testing tools (SAST, DAST, SCA) into development workflows.
Collaborate with developers to enforce secure coding practices.
Secure Coding Standards enforced during development.
Static and Dynamic Application Security Testing (SAST/DAST), integrated into pipelines.
Automate compliance checks, code analysis in CI/CD Pipelines.
Hands on experience with Jenkins, GitLab CI/CD, Azure DevOps, or CircleCI to embed security checks.
Deep knowledge of AWS, Azure, or Google Cloud Platform security services and configurations.
Experience securing Docker and Kubernetes workloads.
Proficiency in languages like Python, Java, to automate security tasks.
Familiarity with Terraform, Ansible, or CloudFormation, with emphasis on secure configurations.
Collaborate with software developers and IT staff to oversee code releases and deployments.
Design and implement scalable cloud architecture using platforms such as AWS, Google Cloud Platform, or Azure.
Manage containerization technologies such as Docker and orchestration tools like Kubernetes.
Utilize Infrastructure as Code (IaC) tools like Ansible for automated provisioning of infrastructure.
Ensure system reliability through monitoring, logging, and alerting using tools like Jenkins and Git.
Develop RESTful APIs and microservices to facilitate communication between applications.
Maintain databases including MySQL, PostgreSQL, Oracle, and Microsoft SQL Server.
Participate in Agile development processes to improve software delivery cycles.
Troubleshoot issues across the application stack from front-end to back-end services.
Manage and secure cloud environments (AWS, Azure, Google Cloud Platform) and containerized workloads (Docker, Kubernetes)
Implement Infrastructure as Code (IaC) with secure configurations using Terraform, Ansible, or CloudFormation.
Monitor and respond to security incidents, leveraging SIEM tools and observability platforms.
Ensure compliance with industry standards and regulations (ISO 27001, NIST, GDPR, HIPAA, PCI DSS).
Provide training and guidance to teams on DevSecOps best practices.

Qualifications:
Bachelor s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
Proven experience in DevOps, Security Engineering, or Cloud Security.
Strong knowledge of CI/CD tools (Jenkins, GitLab CI/CD, Azure DevOps).
Hands on experience with cloud platforms (AWS, Azure, Google Cloud Platform).
Proficiency in programming/scripting languages (Python, Java).
Familiarity with containerization and orchestration (Docker, Kubernetes).
Experience with security automation tools and vulnerability management.
Experience with AWS & Azure & the development of tools and processes to drive DevSecOps maturity by automating builds, regression testing, monitoring, and pushing releases across environments
Experience with troubleshooting, triaging, and resolving issues in CI/CD pipeline failures or latency
Experience with developing enterprise cloud-native platforms using Kubernetes, Docker, or CI/CD tools, including GitHub Actions or GitLab CI/CD
Experience with employing an Infrastructure as Code (IaC) approach to managing cloud environments.
Experience with creating and improving automation scripts across multiple technical stacks using Python,
Experience with troubleshooting and resolving issues related to both open source and commercial tools in public cloud environments
Experience in working with GitOps tools (Flux, ArgoCD)
CKAD or CKA Certification
AWS Certification, including Solutions Architect, DevOps Engineer, Networking, or Security
Security Engineering or Cyber Engineering Certification, including Security+
Proficiency in scripting languages
Experience with virtualization technologies including VMware and OpenStack.
Familiarity with service-oriented architecture (SOA) principles and web services (SaaS, PaaS).
Knowledge of NoSQL databases as well as SQL-based systems.
Understanding of DevOps methodologies including CI/CD practices.
Experience with configuration management tools.

Preferred Certifications:
Certified DevSecOps Professional (CDP)
Certified Kubernetes Security Specialist (CKS)
AWS/Azure/Google Cloud Platform Security Certifications

Additional Required Skills/Experience:
o A minimum of Eight (8) years relevant experience.
o A degree from an accredited College/University in the applicable field of services is required. If the individual's degree is not in the applicable field then four additional years of related experience is required.
o Typically performs all functional duties independently.
o Note: Special credentials (licenses and/or certifications) may be required at the Task Order level on a case-specific basis."