We are seeking an experienced DevSecOps Engineer to join our team and play a pivotal role in setting up and managing cloud security processes and automation within a government environment. The successful candidate will work closely with development and operations teams to ensure secure, efficient, and scalable cloud infrastructure.
Responsibilities:
Design, implement, and maintain cloud-based security processes, policies, and frameworks.
Automate cloud operations to improve efficiency, scalability, and security.
Write and maintain Terraform scripts for cloud infrastructure management (e.g., updating IP addresses, modifying API Gateway WAF rules, changing Route 53 configurations).
Ensure cloud infrastructure is continuously secured and meets compliance requirements.
Collaborate with development teams to implement secure CI/CD pipelines.
Monitor and audit cloud resources, ensuring adherence to security best practices.
Implement and manage cloud security tools, including AWS security services and third-party solutions.
Perform routine reviews and updates of security policies to stay ahead of emerging threats.
Required Skills \& Qualifications:
Proven experience in
DevSecOps and cloud security.
Hands-on experience in setting up and implementing cloud DevSecOps processes and policies.
Strong
AWS knowledge, including CLI usage and cloud services.
Proficient in writing
Terraform scripts for cloud resource management and automation.
Experience in automating cloud operations, including updating IP addresses, API Gateway WAF rules, and Route 53 configurations.
Strong knowledge of security best practices, cloud compliance, and risk management.
Excellent troubleshooting and problem-solving skills.
Preferred (Nice to Have):
Experience with
government systems and familiarity with IM8 compliance standards.
Certifications in AWS (e.g., AWS Certified Security Specialty, AWS Certified Solutions Architect) or DevSecOps.
Familiarity with additional tools such as
Docker, Kubernetes, and CI/CD frameworks.