PRI Talent is hiring a DevSecOps Engineer on behalf of our client. This role is a full-time, 1099 contract staff augmentation position working with a company that is a leader in reducing electronic waste and finding value in gently used electronics. Our client has seen staggering growth and extraordinary impact on protecting the planet, all while providing a work culture unlike any other.
We seek a highly skilled and motivated Senior DevSecOps Engineer to join our team and play a critical role in ensuring our software development and deployment processes' security, reliability, and efficiency. Your expertise will be crucial in deploying security systems and solutions to enhance the overall security posture of our cloud-based applications and services. Join our team and leverage your expertise in deploying security systems and solutions in the AWS cloud. You can make a significant impact by securing and optimizing our software development and deployment processes within the AWS environment. As a DevSecOps Engineer, you will be an integral part of our engineering team, responsible for designing, implementing, and managing secure DevOps practices across the organization. You will collaborate with cross-functional teams, including developers, operations, and security professionals, to streamline software development, continuous integration/continuous deployment (CI/CD), and enhance the overall security posture of our systems. Your primary role will be working with the Cyber Security team to deploy and configure security tools and systems. The ideal candidate will create a security awareness culture and drive a proactive approach to identifying and mitigating security risks throughout the software development lifecycle.
Key Skills
- Integrating security into the software development process.
- Identifying potential security risks and developing strategies to mitigate them.
- Implementing security controls, Monitoring security threats., Ensuring compliance with security standards and regulations.
- Collaborating with developers, system administrators, and other stakeholders to ensure that security is integrated into the development process
- Develop and enhance our DevOps culture by implementing best practices, automation, and tooling for continuous integration, continuous deployment, and continuous monitoring of applications and infrastructure.
- Design and implement secure architectures for cloud-based applications and services, considering security, scalability, and performance requirements.
- Develop and maintain processes to identify, assess, and remediate vulnerabilities in our software and infrastructure. Conduct regular security assessments, code reviews, and penetration testing.
- Develop and maintain automation scripts to streamline security-related tasks and processes.
- Monitor and enhance the security of our infrastructure components, including servers, networks, and databases.
- Stay updated with the latest trends and advancements in DevSecOps, cybersecurity, and cloud technologies, recommending relevant improvements to our systems.
Education and Experience
- Strong understanding of security concepts, including threat modeling, risk assessment, and vulnerability management.
- Knowledge of the SDLC and experience integrating security best practices at every process stage.
- Familiarity with automation tools and scripting languages like Python and PowerShell.
- Understanding cloud security principles, including secure architecture design and configuration management.
- Knowledge of container security principles, such as Docker and Kubernetes.
- Experience with DevOps practices, such as continuous integration and delivery (CI/CD) and infrastructure as code (IaC).
- Familiarity with compliance frameworks and regulations, such as ISO 27001 and GDPR.
- Strong problem-solving skills, including analyzing complex security issues and developing effective solutions.
- Effective communication skills, including working collaboratively with cross-functional teams.
- Familiarity with containerization technologies (Docker, Kubernetes) and container security.A passion for continuous learning and keeping up with the latest security trends and technologies.
- Hands-on experience with security tools (e.g., SAST, DAST, WAF, IDS/IPS, SIEM) and vulnerability scanners.
- Deep knowledge of security principles, best practices, and industry standards.Strong understanding of cloud computing platforms (either AWS, Azure, or GCP) and their security features.
- Excellent analytical and problem-solving skills, with an ability to troubleshoot complex issues
- Strong communication skills, with the ability to convey complex technical concepts to non-technical stakeholders
- Strong understanding of AWS cloud computing platforms and their security features.Experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD, Travis CI) and version control systems (e.g., Git) within AWS environments.
_
Please note we will not accept applications that do not include a cover letter and work examples._