Senior DevSecOps Engineer

Overview

Hybrid
Depends on Experience
Accepts corp to corp applications
Contract - W2

Skills

C#
DevOps
Routing
NIST 800-53
GitHub
Windows PowerShell
Oracle Policy Automation
Continuous Delivery
Microsoft Azure
AWS
CDK
CI/CD
cloud formation
KMS
Secrets Manager

Job Details

One of our Client is looking for the position of Senior DevSecOps Engineer based on following skills:

Work Location: Hybrid with two days onsite

Hands-on security automation for AWS delivery. Build secure-by-default CDK constructs and CloudFormation templates, wire them into CI/CD, and enforce compliance checks that map to CJIS and NIST. Azure support is a future consideration, not a core day-one duty.

Scope boundaries

  • Does not own enterprise AWS Organizations or SCP operations.
  • Designs and builds reference guardrails and enforcement patternsthat can be deployed by enterprise teams.
  • Focuses on preventive controls and compliance automation, not incident response.
  1. Pipeline security templatesin GitHub Actions and Azure DevOps with SAST, SCA, IaC, container, and secret scanning gates.
  2. Compliance as codein reference accounts: AWS Config rules and Security Hub standards aligned to CJIS and NIST 800-53, with exceptions workflow documented.
  3. IaC reference modulesusing AWS CDK and CloudFormation for IAM least privilege, KMS, Secrets Manager, logging, and network baselines; Terraform equivalents provided where teams require them.
  4. Evidence exportstying checks to control IDs and producing auditor-ready artifacts.

Ongoing

  • Harden CDK/CFT modules and pipeline templates as compliance needs evolve.
  • Coach pilot teams to adopt templates.
  • Raise gaps to enterprise teams for org-level enforcement.

Day-to-day responsibilities

  • Author and maintain AWS CDK constructsand CloudFormation templates; provide Terraform versions as secondary.
  • Implement AWS Config conformance, Security Hub standards, and GuardDuty routing in reference accounts.
  • Wire scanning in CI/CD for app code, containers, and IaC.
  • Create reusable GitHub/Azure DevOps templates with enforcement gates and exception handling.
  • Generate posture and evidence reports mapped to CJIS and NIST controls.

Required skills

  • 5+ years AWS security automation and DevOps.
  • Strong with AWS CDKand CloudFormation; working proficiency in Terraform.
  • CI/CD authoring in GitHub Actionsand Azure DevOps.
  • Proficient in Pythonand Bash, with PowerShell for Windows automation.
  • Able to read Javaand C# to integrate and tune SAST/SCA.
  • Practical knowledge of CJISand NIST 800-53 control families and how to automate checks and evidence.

Nice to have

  • EKS/ECS/Lambda hardening patterns.
  • OPA/Conftest, Checkov, Trivy, Inspector, CodeQL or equivalent.
  • Basic Azure security automation for future phases.

Decision rights

Independent on design and build within standards; proposes guardrails and reference patterns; escalates enterprise-wide changes.

The successful candidate may have to undergo a drug test and background check.

Sincerely,

Rakhi Ankush

Digitek Software, Inc.

650 Radio Drive, Lewis Center, OH 43035 Tel No ext. 3137

Email

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.