Sr AWS Cloud Devops Engineer

DevSecOps Engineer

What success looks like in this role: Design and implement secure, automated CI/CD pipelines in AWS using tools like AWS CodePipeline, Jenkins, GitLab CI, and other DevOps tools while ensuring security is built into every phase of development, from code to production. Architect, configure, and maintain secure AWS infrastructure using best practices in identity and access management, networking, encryption, and more, with a focus on risk mitigation and compliance. Integrate security tools and practices into the DevOps lifecycle, including code scanning, vulnerability assessments, compliance checks, and automated security testing. Continuously monitor AWS environments for security vulnerabilities and performance issues. Implement proactive monitoring tools and lead incident response efforts to mitigate threats. Leverage tools like Terraform, AWS CloudFormation, and the AWS CLI to automate the deployment and management of secure infrastructure. Ensure that AWS-based applications and systems adhere to industry standards and compliance frameworks by implementing and maintaining security controls and audits. Work closely with development, security, and operations teams to ensure seamless integration of security into the DevOps pipeline. Mentor and guide junior engineers on best practices for security in DevOps environments. Stay up-to-date with the latest trends, tools, and best practices in DevSecOps, AWS, and cloud security. Proactively recommend improvements to systems and processes for better security posture, performance, and cost-efficiency. Maintain detailed documentation for DevSecOps processes, including security configurations, vulnerability reports, and incident responses.

You will be successful in this role if you have: 2-3 years of hands-on experience in DevOps, with at least 1 year focusing on AWS cloud environments and security integration in the DevOps lifecycle. Strong knowledge of core AWS services, including EC2, VPC, IAM, Lambda, S3, RDS, and CloudWatch. Experience with security-focused AWS services such as AWS Security Hub, GuardDuty, and KMS is required. Proficiency in DevOps tools for CI/CD pipelines, including AWS CodePipeline, Jenkins, GitLab CI, or similar. Experience with containerization and orchestration tools (e.g., Docker, Kubernetes, Amazon EKS). Experience with automated security tools such as Snyk, Checkmarx, SonarQube, or others for static and dynamic code analysis, as well as infrastructure scanning tools like AWS Config and Prisma Cloud. Hands-on experience using Terraform, AWS CloudFormation, or similar IaC tools to automate secure cloud infrastructure. Expertise in implementing security controls, vulnerability management, and compliance frameworks (SOC 2, ISO 27001, GDPR, PCI-DSS, etc.) in cloud environments. Strong understanding of security best practices including encryption (at rest and in transit), identity and access management, network segmentation, and secure coding practices. Proficiency in scripting languages (Python, Bash, or PowerShell) for automation of security and operational tasks.