PRI Talent is hiring a DevSecOps Engineer on behalf of our client. This role is a full-time, 1099 contract staff augmentation position working with a company that is a leader in reducing electronic waste and finding value in gently used electronics. Our client has seen staggering growth and extraordinary impact on protecting the planet, all while providing a work culture unlike any other.
We seek a highly skilled and motivated Senior DevSecOps Engineer to join our client's team and play a critical role in ensuring our client's software development and deployment processes' security, reliability, and efficiency. Your expertise will be crucial in deploying security systems and solutions to enhance the overall security posture of our cloud-based applications and services. Leverage your expertise in deploying security systems and solutions in the AWS cloud. You can make a significant impact by securing and optimizing our client's software development and deployment processes within the AWS environment. As a DevSecOps Engineer, you will be an integral part of our client's engineering team, responsible for designing, implementing, and managing secure DevOps practices across the organization. You will collaborate with cross-functional teams, including developers, operations team members, and security professionals, to streamline software development, continuous integration/continuous deployment (CI/CD), and enhance the overall security posture of our systems. Your primary role will be working with the Cyber Security team to deploy and configure security tools and systems. The ideal candidate will create a security awareness culture and drive a proactive approach to identifying and mitigating security risks throughout the software development lifecycle.
- Integrating security into the software development process.
- Identifying potential security risks and developing strategies to mitigate them.
- Implementing security controls.
- Monitoring security threats
- Ensuring compliance with security standards and regulations.
- Collaborating with developers, system administrators, and other stakeholders to ensure that security is integrated into the development process.
- Developing and enhancing DevOps culture by implementing best practices, automation, and tooling for continuous integration, deployment, and monitoring of applications and infrastructure.
- Designing and implementing secure architectures for cloud-based applications and services, considering security, scalability, and performance requirements.
- Developing and maintaining processes to identify, assess, and remediate vulnerabilities in our software and infrastructure.
- Conducting regular security assessments, code reviews, and penetration testing.
- Developing and maintaining automation scripts to streamline security-related tasks and processes.
- Monitoring and enhancing the security of infrastructure components, including servers, networks, and databases.
- Staying updated with the latest trends and advancements in DevSecOps, cybersecurity, and cloud technologies, recommending relevant improvements to systems.
Education and Experience
- Strong understanding of security concepts, including threat modeling, risk assessment, and vulnerability management.
- Knowledge of the SDLC and experience integrating security best practices at every process stage.
- Familiarity with automation tools and scripting languages like Python and PowerShell.
- Understanding cloud security principles, including secure architecture design and configuration management.
- Knowledge of container security principles, such as Docker and Kubernetes.
- Experience with DevOps practices, such as continuous integration and delivery (CI/CD) and infrastructure as code (IaC).
- Familiarity with compliance frameworks and regulations, such as ISO 27001 and GDPR.
- Strong problem-solving skills, including analyzing complex security issues and developing effective solutions.
- Effective communication skills, including working collaboratively with cross-functional teams.
- Familiarity with containerization technologies (Docker, Kubernetes) and container security.A passion for continuous learning and keeping up with the latest security trends and technologies.
- Hands-on experience with security tools (e.g., SAST, DAST, WAF, IDS/IPS, SIEM) and vulnerability scanners.
- Deep knowledge of security principles, best practices, and industry standards.
- Strong understanding of cloud computing platforms (either AWS, Azure, or GCP) and their security features.
- Excellent analytical and problem-solving skills, with an ability to troubleshoot complex issues.
- Strong communication skills, with the ability to convey complex technical concepts to non-technical stakeholders.
- Strong understanding of AWS cloud computing platforms and their security features.
- Experience with CI/CD tools (e.g., Jenkins, GitLab CI/CD, Travis CI) and version control systems (e.g., Git) within AWS environments.
Please note we will not accept applications that do not include a cover letter and work examples.