DeveloperSecOps Analyst

Summary

Join NRTC as a DevSecOps Analyst I and actively contribute to the automation and observability of our Linux infrastructure and CI/CD pipelines. Under the guidance of senior engineers, you will assume ownership of scripting and configuration tasks, perform container optimizations, and develop dashboards to enhance operational efficiency. This role offers valuable hands-on DevSecOps experience. You will analyze Dockerfiles, participate in peer reviews of IaC changes, contribute to CI/CD pipelines, monitor pipeline health, and automate incident-response tasks. Additionally, you will design and maintain observability dashboards, tune alerts, integrate vulnerability scans, assist with IAM policy validation, maintain documentation, and present findings to the team. The position requires proficiency in Bash and Python scripting, experience with Ansible and Docker, and familiarity with CI/CD pipelines and observability tools.

Requirements

• Proficient in Bash and Python for writing and improving automation scripts
• Solid understanding of Ansible playbook authoring and YAML
• Familiar with Docker fundamentals and able to apply basic image-optimization techniques
• Comfortable navigating and editing CI/CD pipelines in any of the major CI/CD platforms
• Experience with observability tools (Grafana, Prometheus, CloudWatch) and dashboard creation
• Basic knowledge of DevOps-security controls, including vulnerability scanning and IAM principles
• Strong troubleshooting skills and an analytical mindset for interpreting logs and metrics
• Clear communicator with the ability to document processes and train peers on new procedures
• Bachelor’s degree in computer science, MIS, or related field preferred. (Equivalent hands-on projects or open-source contributions accepted.)
• 1–2 years’ experience in scripting, configuration management, containerization, or observability tooling
• 1–2 years of Linux administration experience (Ubuntu, CentOS)
• 1–2 years of experience working with CI/CD pipelines

Responsibilities

• Analyze Dockerfiles for image-size reduction, layering improvements, and basic security hardening
• Participate in peer reviews of IaC changes and support the implantation of approved Ansible playbooks & Terraform modules
• Contribute standardized pipeline modules or stages into CI/CD pipelines. (e.g., linting checks, artifact promotions)
• Monitor pipeline health, troubleshoot failures, and document corrective actions
• Author & maintain Bash and Python scripts to automate common incident-response tasks (log aggregation, service restarts, alert enrichment)
• Design and maintain observability (i.e Grafana, ELK, CloudWatch) dashboards that track key metrics (resource utilization, error rates, vulnerability counts)
• Tune alert thresholds and create simple alert-enrichment scripts to reduce noise
• Integrate vulnerability-scans into CI/CD pipelines for compliance with security best practices and policies
• Assist in validating least-privilege IAM policies for cloud resources under guidance
• Keep runbooks, SOPs, and wiki pages current with clear and up-to-date instructions
• Present findings and small improvement proposals in regular team reviews
• Other duties as assigned