Description :

We are seeking a highly skilled and experienced Senior DevOps Engineer to join our dynamic team.

The ideal candidate will have a deep understanding of DevOps principles, security practices, and cloud technologies.

The ideal candidate will :

- Play a critical role in integrating security into the software development lifecycle and infrastructure management, ensuring our systems are robust, scalable, and secure.

- Will work closely with engineers (development and QA) and architects to deliver high quality code, via the SDLC process, in a high-performing manner.

- Steer the organizations DevOps strategy, while working with architects and IT service owners to ensure the DevOps roadmap supports broader initiatives and security requirements.

- Create comprehensive documentation for automation processes, workflows, and standard operating procedures for educating team members on automation best practices.

Essential Duties and Responsibilities :

- Design and implement security measures across all stages of the software development lifecycle from architecture and design to deployment and operations.

- Develop, maintain, and optimize automated CI/CD pipelines to ensure secure, scalable, and efficient application delivery.

- Manage and secure multi-cloud infrastructure (AWS, Azure, GCP), with a primary focus on AWS, including networking, storage, and compute resources.

- Ensure compliance with industry standards and regulatory frameworks (e.g., HIPAA, PCI-DSS, FedRAMP) by implementing robust governance policies.

- Establish and maintain security monitoring, incident detection, and response protocols to safeguard systems and data.

- Collaborate with development, operations, and security teams to promote security best practices and mentor junior engineers.

- Conduct regular security assessments, including vulnerability scans and penetration testing, to proactively identify and mitigate risks.

- Evaluate, deploy, and manage security tools (e.g., SAST, DAST, SIEM) to protect and monitor the environment effectively.

Minimum Requirements :

- Bachelor's degree in relevant field of study and 7+ years of relevant professional experience required.

- Security Integration: Design and implement security measures at every stage of the software development lifecycle, from design to deployment.

- Automation & CI/CD Pipelines: Develop, maintain, and enhance automated CI/CD pipelines, ensuring secure and efficient delivery of applications.

- Cloud & Infrastructure Security: Manage and secure cloud infrastructure (AWS, Azure, GCP), including networking, storage, and compute resources, with a key focus on AWS.

- Compliance & Governance: Ensure compliance with industry standards and regulations (e.g., HIPAA, PCI-DSS, FedRAMP) and implement governance policies.

- Incident Response & Monitoring: Establish and maintain security monitoring, incident detection, and response protocols.

- Collaboration & Mentorship: Work closely with development, operations, and security teams to promote security best practices and mentor junior engineers.

- Risk Assessment: Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate risks.

- Tooling & Technology: Evaluate, deploy, and manage security tools (e.g., SAST, DAST, SIEM) to protect and monitor the environment.

Qualifications :

- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

- 10+ years of experience in DevOps, DevSecOps, or a similar role, with a strong security focus.

- AWS Certified DevOps Engineer certification or similar.

- Proficiency in cloud platforms (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes) with a key focus on AWS and EKS.

- Experience with infrastructure as code (IaC) tools such as Terraform, Ansible, or CloudFormation.

- Proficiency in CI/CD tools like AWS CodePipeline, Jenkins, Azure DevOps Server.

- Strong knowledge of security frameworks and standards (e.g., NIST, ISO 27001, OWASP).

- Familiarity with programming and scripting languages (e.g., Python, Bash, Go, Bash).

- Experience working in an agile environment leveraging the SAFe framework.

- Excellent problem-solving skills and the ability to work in a fast-paced, collaborative environment.

- Strong communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.

Preferred Qualifications :

- Relevant certifications such as CISSP, CISM, CEH, or AWS Certified Security Specialty.

- Experience with microservices architecture and API security.

- Strong understanding and working experience with enterprise applications, containerized application workloads.

- Strong understanding of networking concepts.

- Knowledge of network security principles and technologies (e.g., Firewalls, VPNs, IDS/IPS).