DevSecops Engineer

Overview

On Site
Full Time
Contract - W2
Contract - Independent

Skills

Business Transformation
Security Controls
COTS
Security Policy
Security QA
Reporting
KPI
Investments
Physical Layer
Data Link Layer
Identity Management
Encryption
Network Security
Cyber Security
Computer Science
Information Security
IT Security
DevOps
Security Engineering
ArcGIS
Bash
Ruby
Continuous Delivery
Jenkins
GitLab
Continuous Integration
Orchestration
Terraform
Microsoft Azure
CISM
DevSecOps
Analytical Skill
Problem Solving
Conflict Resolution
Teamwork
Scripting
Python
Windows PowerShell
Docker
Kubernetes
Software Development
Software Development Methodology
Soft Skills
Communication
Articulate
Collaboration
Roadmaps
Amazon Web Services
CISSP
Certified Ethical Hacker
Cloud Computing
Cloud Security
Regulatory Compliance
Geographic Information System
SANS
Payroll

Job Details

DevSecops Engineer - Elevate Platform

Walnut Creek, CA

W2 Only



We are seeking an experienced and proactive DevSecOps Engineer to join our Cybersecurity Application Platform Security Team to secure our Geographic Information Systems (GIS) applications as a part of large business transformation effort Elevate. The ideal candidate will have hands-on experience with cybersecurity platforms, with a deep understanding of cloud security (especially AWS), strong experience with DevSecOps practices, and an understanding of GIS applications to operate the environment securely, enhance security posture, secure CI/CD pipelines and continuously bake-in security and compliance

Key Responsibilities:

  • Work with Elevate (GIS) teams to bake-in security controls part of design and implement secure AWS architectures for GIS applications
  • Provide security best practices for implementing COTS software such as ArcGIS in AWS.
  • Implement and maintain robust security measures & DevSecOps Framework (SHIELD) throughout every phase of development, from planning to deployment and maintenance across CI/CD pipeline. ('Secure by design', 'Secure by default')
  • Implement security policy-as-code (PaC) & Compliance-as-Code (CaC) and integrates continuous security testing within CI/CD pipelines
  • Report on DevSecOps specific security metrics, KPIs, KRIs to track progress and demonstrate the value of security investments aligning with IT, Cyber L1, L2s.
  • Partner with SIOC team to perform code reviews and static analysis to identify security vulnerabilities

  • Validate Identity and Access Management (IAM) policies and roles
  • Secure data at rest and in transit using AWS encryption services
  • Work with stakeholders to implement network security measures, including VPCs, security groups, and NACLs
  • Stay updated on emerging threats, vulnerabilities, and security trends related to AWS, Azure and DevSecOps practices.
  • Promote cybersecurity awareness among developers and stakeholders.
  • Foster a security-first mindset across Elevate application platform teams, promoting shared responsibility for cybersecurity (lead by cyber, owned by all).

Qualifications:

  • Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
  • 5+ years of experience in IT security, with at least 3 years focused on DevSecOps, DevOps or Security Engineering roles
  • Extensive hands-on experience with AWS services and security best practices
  • Strong understanding of GIS applications (ArcGIS) and their security requirements
  • Proficiency in scripting languages such as Python, Bash, or Ruby
  • Experience with CI/CD tools (e.g., Jenkins, GitLab CI, or AWS CodePipeline)
  • Knowledge of container technologies and orchestration platforms (e.g., Docker, Kubernetes)
  • Familiarity with infrastructure-as-code tools (e.g., Terraform, CloudFormation)
  • Understanding of security standards and frameworks (e.g., NIST CSF)
  • Excellent communication and collaboration skills
  • Familiarity with the shared responsibility model in cloud environments (AWS, Azure) and hybrid cloud deployments.
  • CISSP, CISM, or DevSecOps-specific credentials are a plus.
  • Strong analytical and problem-solving skills with excellent communication and teamwork abilities.

Preferred Technical Skills:

  • Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks.
  • Knowledge of container security (Docker, Kubernetes)
  • Familiarity with secure software development lifecycle (SDLC) practices.

Soft Skills

  • Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.
  • Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.

Preferred Qualifications:

  • Relevant security certifications (e.g., AWS Certified Security - Specialty, CISSP, CEH)
  • Experience with GIS-specific security challenges and solutions
  • Knowledge of multi-cloud and hybrid cloud security architectures
  • Familiarity with compliance requirements in the GIS industry

The ideal candidate will be passionate about security, have a proactive mindset, and be able to balance security requirements with business needs. They should be comfortable working in a fast-paced environment and be able to adapt to evolving security threats and technologies.

Note: This is a W2 Contract. So, candidate must work on Galaxy I Tech Payroll. For Immediate response please reach out to me at suresh2 at galaxy i tech dot com / four eight zero six nine six five three nine four

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.