DevSecOps Engineer

Overview

On Site
Contract - W2

Skills

DevSecOps Engineer

Job Details



Job Title: DevSecOps Engineer


Location: Boston MA 02110 Hybrid onsite - Tue/Wed/Thu

Onsite Requirements:



  • Jenkins

  • AWS

  • Cloud Security/Terraform


Job Description:



  • This role involves designing, implementing, and maintaining secure and robust platform solutions.

  • The ideal candidate will have a strong background in systems engineering and security best practices and is comfortable working in a fast-paced and dynamic environment.


Primary Responsibilities:



  • Design, develop, and maintain scalable, automated, user-friendly systems, databases, and applications, including platform core infrastructure components such as networking, storage, and compute resources.

  • Ensure the platform's security by implementing best practices, security protocols, and regular vulnerability assessments of applications.
    Collaborate with cross-functional teams to understand their platform needs and provide technical solutions.

  • Automate processes to ensure efficiency, reliability, and scalability, including.

  • Create and maintain continuous integration and deployment pipelines using GitHub and Jenkins instances.

  • Collaborate with quality engineers to integrate functional, performance, and security unit and integration tests into pipelines.

  • Create and maintain managed resources provided by cloud service providers, including secrets management, monitoring, logging, security scanning, and other services.

  • Work with tooling such as Ansible, Docker, Podman, Packer, Kubernetes, and Terraform to create cloud-based infrastructure utilizing AWS or Azure implementations.
    Create automated tests for Infrastructure as Code using Terratest, Container Structure Test, and similar frameworks.

  • Monitor system performance and identify areas for improvement using standard open-source tools, such as Prometheus, Grafana, and Loki.

  • Stay up to date with emerging security threats and protect systems against them. Have experience with processes to scan applications for vulnerability threats and infrastructure.

  • Document the design, operation, and troubleshooting of technology platforms and procedures.

  • Participate in on-call rotations for system installations outside regular business hours


Skills You Bring:



  • A bachelor's degree in computer science, Information Technology, or a related field or equivalent working experience is required. A master's degree is a plus.

  • A minimum of five years of experience in DevOps, platform engineering or related information technology experience is required. A focus on security is a plus.

  • Ability to automate with various scripting languages (Python, Shell scripting, etc.)

  • Experience managing systems using infrastructure as code tools (Jenkins, Terraform, Packer, Ansible)

  • Solid understanding of Cloud Computing and DevOps concepts including CI/CD pipelines

  • Hands-on Kubernetes skills and knowledge.

  • Hands on experience with one or more observability tools (Prometheus, Grafana, ELK/OpenSearch, Datadog, etc.)

  • Solid understanding of network protocols, LAN, WAN, SSL, Firewall, Load Balancer, and VPN technologies is a plus.

  • Experience with security practices, including end-to-end encryption, network security, data protection, and vulnerability management.

  • Proven experience in maintaining scalability and resiliency of complex environment.

  • Experienced in Instrumentation with systems skills on building and operating, monitoring, logging, alerting services of distributed systems at scale.

  • Experience with configuration management and infrastructure management systems like Ansible, Chef, Docker, CloudFormation.

  • Experience with container technologies like Docker and Podman. LWC and containerization orchestration tools like ECS, AKS, EKS preferred.

  • Experience with Cloud technologies with cloud providers AWS, Azure, Google Cloud Platform etc.

  • Knowledge of AWS Cloud DevOps services such as IAM, VPC, ECS, Lambda, RDS.

  • Have a working knowledge of databases, SQL and NOSQL, including database migration tools such as Flyway and Liquibase.

  • Solve stack-wide engineering issues related to hardware, software, network, applications, and cloud service providers.

  • Coach peers and development teams on how to build highly available systems.

  • Work with internal release groups to setup and maintain Non-Prod and Production environments infrastructure and CI/CD efforts.

  • Seek out opportunities to develop and improve existing automation processes.

  • Troubleshoot and debug CI/CD issues, with a willingness to resolve problems.

  • Collect and report on operational metrics for SLA reporting and capacity planning.

  • Collect and report on security metrics for security and risk management reporting.

  • Strong grasp of Unix-based operating processing systems (Linux).

  • Strong containerization technologies experience in hybrid cloud platforms.

  • Strong analytical, problem-solving communication and teamwork abilities.

  • Experience and capability to build automated tests for Infrastructure as Code tooling with frameworks such as Terratest, Pester, and Container Structure Test.