Devis is hiring a
Mid DevSecOps Engineer in Worldwide

Summary

The job is for a DevSecOps Engineer at Development InfoStructure LLC (DEVIS) who will integrate security practices into the software development lifecycle using AWS cloud services. The role requires 3-5 years of experience as a DevSecOps Engineer, AWS certifications, and knowledge of security frameworks.

Requirements

• 3-5 years Proven experience as a DevSecOps Engineer or similar role, with expertise in implementing security practices in cloud environments, particularly AWS
• AWS certification(s) such as AWS Certified Security – Specialty, AWS Certified DevOps Engineer – Professional, or AWS Certified Solutions Architect – Professional preferred
• Strong understanding of cloud computing principles and AWS services, with hands-on experience in designing, deploying, and managing cloud infrastructure
• Proficiency in infrastructure-as-code (IaC) tools such as Terraform or AWS CloudFormation for automating infrastructure provisioning and configuration
• Experience with containerization technologies such as Docker and container orchestration platforms like Kubernetes, with a focus on security best practices
• Familiarity with security frameworks and standards such as NIST, CIS, and PCI DSS, and experience implementing security controls to meet compliance requirements
• Excellent problem-solving and analytical skills, with the ability to assess complex security issues and recommend practical solutions
• Strong communication and collaboration skills, with the ability to work effectively with cross-functional teams and stakeholders
• Self-motivated and proactive, with a passion for continuous learning and staying current with emerging technologies and security trends
• Demonstrated Knowledge and Experience with the Centers for Medicare and Medicaid Services (CMS)

Responsibilities

• Collaborate with development, operations, and security teams to integrate security best practices into the software development lifecycle (SDLC) and DevOps processes
• Design, implement, and maintain secure AWS cloud infrastructure using services such as EC2, S3, RDS, Lambda, IAM, and others
• Implement and automate security controls, including identity and access management (IAM), encryption, network security, and logging, using AWS-native tools and third-party solutions
• Configure and manage CI/CD pipelines using tools like Jenkins, AWS CodePipeline, or GitLab CI/CD, integrating security testing and vulnerability scanning into the deployment process
• Monitor and analyze cloud infrastructure and application logs for security incidents and anomalies, responding promptly to mitigate risks and maintain compliance with security standards
• Conduct regular security assessments and audits of cloud resources, identifying vulnerabilities and recommending remediation measures to ensure compliance with industry regulations and best practices
• Stay current with AWS security features, updates, and best practices, evaluating and implementing new technologies and techniques to enhance security posture
• Provide guidance and support to development teams on secure coding practices, application security architecture, and vulnerability management