DevSecOps Engineer - GIS

• Work with Elevate (GIS) teams to bake-in security controls part of design and implement secure AWS architectures for GIS applications
• Provide security best practices for implementing COTS software such as ArcGIS in AWS.
• Implement and maintain robust security measures & DevSecOps Framework (SHIELD) throughout every phase of development, from planning to deployment and maintenance across CI/CD pipeline. ('Secure by design', 'Secure by default')
• Implement security policy-as-code (Client) & Compliance-as-Code (CaC) and integrates continuous security testing within CI/CD pipelines
• Report on DevSecOps specific security metrics, KPIs, KRIs to track progress and demonstrate the value of security investments aligning with IT, Cyber L1, L2s.
• Partner with SIOC team to perform code reviews and static analysis to identify security vulnerabilities
• Validate Identity and Access Management (IAM) policies and roles
• Secure data at rest and in transit using AWS encryption services
• Work with stakeholders to implement network security measures, including VPCs, security groups, and NACLs
• Stay updated on emerging threats, vulnerabilities, and security trends related to AWS, Azure and DevSecOps practices.
• Promote cybersecurity awareness among developers and stakeholders.
• Foster a security-first mindset across Elevate application platform teams, promoting shared responsibility for cybersecurity (lead by cyber, owned by all).

Qualifications:

• Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
• 5+ years of experience in IT security, with at least 3 years focused on DevSecOps, DevOps or Security Engineering roles
• Extensive hands-on experience with AWS services and security best practices
• Strong understanding of GIS applications (ArcGIS) and their security requirements
• Proficiency in scripting languages such as Python, Bash, or Ruby
• Experience with CI/CD tools (e.g., Jenkins, GitLab CI, or AWS CodePipeline)
• Knowledge of container technologies and orchestration platforms (e.g., Docker, Kubernetes)
• Familiarity with infrastructure-as-code tools (e.g., Terraform, CloudFormation)
• Understanding of security standards and frameworks (e.g., NIST CSF)
• Excellent communication and collaboration skills
• Familiarity with the shared responsibility model in cloud environments (AWS, Azure) and hybrid cloud deployments.
• CISSP, CISM, or DevSecOps-specific credentials are a plus.
• Strong analytical and problem-solving skills with excellent communication and teamwork abilities.

Preferred Technical Skills:

• Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks.
• Knowledge of container security (Docker, Kubernetes)
• Familiarity with secure software development lifecycle (SDLC) practices.