DevSecOps Engineer

About the Role

Join a forward-thinking organization as a Senior DevSecOps Engineer, where you will lead the design, implementation, and ongoing management of secure, scalable DevSecOps processes. Embedded directly with the team in St. Cloud, MN, you will collaborate closely with security, development, and operations leaders to foster a security-first culture and drive impactful technical initiatives. This role offers a fantastic opportunity for a seasoned professional eager to influence security practices, mentor peers, and adopt cutting-edge cloud and automation technologies.

Key Responsibilities

• Security-Driven CI/CD Development: Lead the design and execution of secure CI/CD pipelines integrating automated vulnerability scanning, testing, and compliance checks at every stage.
• Cloud Infrastructure Security: Architect, implement, and maintain secure cloud environments primarily on Google Cloud Platform (Google Cloud Platform), with open-mindedness towards AWS and Azure. Demonstrate aptitude and quick learning ability if cloud experience is limited.
• Container and Orchestration Security: Secure containerized workloads using Kubernetes, including network segmentation and secure image management.
• Infrastructure as Code (IaC): Automate provisioning and configuration management with Terraform, Ansible, or CloudFormation, emphasizing security best practices.
• Vulnerability Management & Incident Response: Develop remediation plans for thousands of critical vulnerabilities, lead threat modeling exercises, and participate in post-incident reviews to improve defenses.
• Monitoring & Reporting: Implement and maintain centralized logging, monitoring (Grafana, Prometheus), and alerting solutions to ensure continuous system health and security oversight.
• Collaboration & Mentoring: Partner with software development, QA, architecture, and operations teams, including mentoring junior team members on DevSecOps best practices and emerging security trends.
• Compliance & Governance: Ensure adherence to security standards and frameworks like NIST CSF, SOC 2, ISO 27001, PCI-DSS, and HIPAA by developing policies, standards, and conducting regular assessments.
• Leadership & Innovation: Stay current on industry trends, evaluate new tools, and implement innovative solutions to enhance security posture, reliability, and efficiency.

Qualifications

Education & Experience:

• Bachelor s degree in Computer Science, Software Engineering, Information Technology, or related field.
• 5+ years of experience in DevOps, DevSecOps, or related roles with a focus on security.
• Proven experience influencing, mentoring, or teaching teams on security best practices and change management.

Technical Skills:

• Extensive cloud experience focusing on Google Cloud Platform is ideal, or familiarity in AWS and Azure.
• Strong expertise in:
  • CI/CD tools: Jenkins, GitLab CI, GitHub Actions
  • Containerization & orchestration: Docker, Kubernetes
  • Infrastructure-as-Code: Terraform, Ansible, CloudFormation
  • Cloud security best practices
  • Monitoring & alerting: Grafana, Prometheus, ELK Stack
  • Application security principles and vulnerability assessment

Nice-to-Haves:

• Java background, especially Spring Boot
• Experience working across multiple development teams and leading security initiatives
• Familiarity with SOC audit processes