Role: DevSecOps Engineer
Location: Remote
Expected Duration: 6+ Months Contract
Job Summary:
We are seeking a skilled DevSecOps Engineer with 9 years of experience to join our dynamic team. The ideal candidate will be responsible for the design, implementation, and maintenance of our security infrastructure in a DevOps environment. You will work closely with development and operations teams to integrate security into the software development lifecycle and ensure that security requirements are met throughout the development process.
Key Responsibilities:
- Develop and implement security policies, standards, and procedures for the software development lifecycle.
- Design, implement, and maintain security infrastructure in a DevOps environment, including continuous integration and deployment (CI/CD) pipelines, monitoring and logging systems, and vulnerability scanning tools.
- Conduct security assessments and penetration testing of our systems and applications to identify and mitigate potential security risks.
- Work with development and operations teams to integrate security into the software development process, including code reviews, threat modeling, and secure coding practices.
- Develop and maintain security documentation, including security policies, standards, and procedures, and security incident response plans.
- Stay up-to-date with emerging security threats and trends and ensure that our security infrastructure is updated accordingly.
- Provide security guidance and training to development and operations teams.
Requirements:
- Bachelor's degree in Computer Science or a related field.
- 9 years of experience in DevSecOps, information security, or a related field.
- Strong knowledge of security best practices and standards, including OWASP Top 10, CWE/SANS Top 25, and CIS Controls.
- Experience with DevOps tools and practices, including CI/CD, infrastructure as code, and configuration management.
- Experience with cloud security, including AWS, Azure, or GCP.
- Experience with security assessment tools, such as Nessus, Burp Suite, or Metasploit.
- Strong scripting skills in Python, Ruby, or Bash.
- Excellent communication and collaboration skills, including the ability to work effectively with cross-functional teams.
Preferred Qualifications:
- Master's degree in Computer Science or a related field.
- Certifications in information security or DevOps, such as CISSP, CISM, CCSP, AWS Certified DevOps Engineer, or Azure DevOps Engineer Expert.
- Experience with container security, such as Docker and Kubernetes.
- Experience with security automation and orchestration tools, such as Ansible, Chef, or Puppet.
- Experience with agile development methodologies.
USC and GC are encouraged to apply
Job Type: Contract
Pay: $50.00 - $60.00 per hour
Schedule:
Experience:
- DevSecOps: 9 years (Required)
- Penetration testing: 9 years (Required)
- AWS: 9 years (Required)
- Azure: 9 years (Required)
- Threat Modeling: 9 years (Required)
- Threat detection & response: 9 years (Required)
- Infrastructure as Code: 9 years (Required)
License/Certification:
- CISSP (Preferred)
- CISM (Preferred)
- CCSP (Preferred)
Work Location: Remote