CrawlJobs Logo

Devsecops Engineer Ii (Aws)

tripadvisor.com Logo

Tripadvisor

Location Icon

Location:
Portugal , Lisbon

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for a hands-on DevSecOps Engineer II (AWS) to be the first line of defense for the Tripadvisor Experiences platform. This is a critical mid-level role that blends proactive security engineering with reactive incident response. You will live and breathe in our product's cloud environment, monitoring for threats, responding to security incidents, automating defenses, and working closely with our engineering teams to build a more resilient platform.

Job Responsibility:

  • Monitor, analyze, and investigate security alerts originating from our AWS infrastructure, application logs, and security tooling (WAF, SIEM, Cloud-Native tools)
  • respond to security incidents that directly impact the Tripadvisor Experiences application
  • triage vulnerabilities reported through our bug bounty program and other external sources
  • build and maintain security monitoring and alerting capabilities within our production environment
  • automate security operations tasks using scripting languages like Python or Go
  • configure, tune, and help manage security tools like our Web Application Firewall (WAF), AWS GuardDuty, and Security Hub
  • operationalize findings from application security tools (SAST, DAST, SCA) by working with engineering teams
  • conduct threat modeling for new features
  • collaborate with engineering teams and provide guidance on secure coding practices and architecture

Requirements:

  • Hands-on experience securing a production environment in AWS
  • comfortable with core security services (e.g., GuardDuty, Security Hub, WAF, CloudTrail)
  • good understanding of core AWS services beyond just security tools (e.g., VPC networking, EC2, RDS, S3, Lambda, EKS)
  • capable of understanding and spinning up a full infrastructure stack to effectively secure it
  • proficiency with Terraform for managing and securing cloud infrastructure
  • proven experience with the full lifecycle of security incidents
  • proficiency in at least one scripting language (e.g., Python, Go, Bash)
  • solid understanding of common web application vulnerabilities (OWASP Top 10) and how to defend against them
  • demonstrated ability to use AI tools to improve efficiency, quality, and decision-making in day-to-day work
  • proven ability to operate effectively with a global-first mindset
What we offer:
  • Competitive compensation packages including base salary and annual bonuses
  • 'Work your way' with flexibility
  • flexible schedule
  • donation matching
  • tuition assistance
  • lifestyle benefit
  • travel perks
  • employee assistance program
  • health benefits

Additional Information:

Job Posted:
May 05, 2026

Employment Type:
Fulltime
Work Type:
Hybrid work
Icon
Tripadvisor - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Devsecops Engineer Ii (Aws)

Application Security Engineer II

Zuora’s Application Security & Security Engineering team partners closely with e...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
zuora.com Logo
Zuora
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in application security, software development, or a related engineering role
  • Strong understanding of secure software development practices, including experience working with developers to embed security into the SDLC
  • Hands-on experience conducting security design reviews, threat modeling, and code reviews for web and cloud-based applications
  • Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and experience in identifying and remediating them
  • Experience working with security tools such as SAST, DAST, SCA, and container security scanners
  • Ability to communicate security concepts effectively to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling
  • Contribute hands-on to critical engineering and tooling projects, working closely with technical leads and product owners to ensure security is a key part of successful project outcomes
  • Mentor engineers and influence architectural decisions to ensure security is embedded by design
  • Design and develop reusable, flexible security components and APIs to support scalable, secure application development across the company
  • Define and promote best practices to ensure software security without compromising functionality, usability, reliability, or availability
  • Participate in design and code reviews, providing actionable security recommendations as needed
  • Collaborate with project teams to design and prototype secure solutions, validating key assumptions and security objectives
  • Evaluate, implement, and support a range of security tools to improve visibility and reduce risk
  • Build strong relationships and communicate effectively with stakeholders throughout the SDLC, including Product, Engineering, and Operations teams
What we offer
What we offer
  • Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
  • Medical, dental and vision insurance
  • Generous, flexible time off
  • Paid holidays, “wellness” days and company wide end of year break
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing
Read More
Arrow Right

Devsecops Engineer

QTEC Aerospace is seeking a DEVSECOPS ENGINEER to join our team of professionals...
Location
Location
United States , Huntsville
Salary
Salary:
Not provided
qtecinc.com Logo
QTEC Aerospace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Software Engineering, Computer Programming, Information Technology, Mathematics, Physics, or a related field from an accredited university, along with at least 2 years of experience
  • or a Master's degree in a related field
  • or 6 years of relevant work experience may be considered as an alternative to a degree
  • DoD 8140 certification at IAT Level II or higher (such as Security+ CE, CCNA-Security, CySA+, CND, etc.)
  • Must have taken Information Technology or software development courses, and/or formal education/certification courses within the Information Technology, DevSecOps, or Software Development disciplines
  • Must possess strong communication abilities, along with excellent writing and presentation skills
  • Must be able to work independently/solo on large projects at times, and at other times be in a collaborative team environment with other DevSecOps engineers and other program development and deployment teams.
  • Excellent verbal and written communication skills, including ability to collaborate with cross-functional teams, and prepare and brief presentations to the customer as needed.
  • Self-motivated and customer-oriented
  • Candidates must currently have and be able to maintain a minimum DoD SECRET level security clearance.
Job Responsibility
Job Responsibility
  • Infrastructure-as-Code (IaC) Support
  • Assist in writing and updating Ansible playbooks, Packer images, and Python scripts for Windows and Linux hosts
  • Ensure all code is committed to Git and adheres to basic security guidelines
  • Automation Pipeline Assistance
  • Help build CI/CD jobs that provision, harden, and configure systems
  • Add basic automated tests, vulnerability scans, and compliance checks under the guidance of senior engineers
  • STIG Baseline Automation
  • Contribute reusable Ansible roles and simple Python utilities that apply DoD STIGs
  • Track compliance drift and raise tickets for remediation
  • Configuration Management
  • Fulltime
Read More
Arrow Right

Cloud Information Systems Security Engineer

Cyber threats are everywhere, and the constantly evolving nature of these threat...
Location
Location
United States , Fayetteville
Salary
Salary:
61900.00 - 141000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience with software supply chain security and secure SDLC practices such as SLSA or NIST SSDF, including build provenance, artifact integrity, dependency management, and security gates in CI/CD pipelines
  • 5+ years of experience securing CI/CD platforms, including pipeline hardening, secrets management, access control, integration of SAST, DAST, and SCA, container scanning, and enforcement of remediation policies
  • 5+ years of experience with container, image, and host vulnerability management using tools such as Trivy, Grype, Anchore, or AWS Inspector, including policy-driven vulnerability remediation
  • Experience building, securing, and operating Dockerized applications, including secure Dockerfile patterns, image lifecycle management, and runtime security hardening
  • Experience deploying and operating workloads on Kubernetes EKS, GKE, AKS, or self-managed, including Helm-based deployment and management of security tooling
  • Experience with scripting and automation, including advanced Bash, intermediate+ Python, and basic PowerShell, to automate security workflows, controls, and integrations
  • Experience with Linux system security and AWS cloud services such as EC2, EKS/ECS, IAM, S3, VPC, KMS, CloudTrail, or GuardDuty, including system hardening, logging, monitoring, and collaboration with engineering and platform teams to document controls and guide remediation
  • TS/SCI clearance
  • HS diploma or GED
  • Ability to obtain a DoD 8570 IAT or IAM Level II Certification, including Security+ Certification, within 60 days of hire date
Job Responsibility
Job Responsibility
  • Work with highly skilled engineers and military leaders to discover their cyber risks, understand applicable policies, and develop a mitigation plan
  • Review technical and architectural details from highly complex teams to assess the entire threat landscape of our client Hybrid-Cloud based Platform
  • Guide your client through a plan of action to minimize attack surfaces on applications, understand architecture, and mitigate vulnerabilities
  • Work with your client to translate security concepts to technical implementation so they can make the best decisions to secure critical and operational hybrid-cloud based services
  • Act as an information security subject matter expert while broadening your skills in cloud computing, DevSecOps, Infrastructure as Code, Kubernetes, CI/CD, and application development
What we offer
What we offer
  • Health, life, disability, financial, and retirement benefits
  • Paid leave
  • Professional development
  • Tuition assistance
  • Work-life programs
  • Dependent care
  • Recognition awards program
Read More
Arrow Right
New

Staff II Software Engineer AI/ML Ops

We're looking for a Lead Data Engineer to design, build, and optimize data pipel...
Location
Location
United States , Pleasanton
Salary
Salary:
245000.00 - 307000.00 USD / Year
blackline.com Logo
BlackLine
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong programming skills in languages such as Python, Java, or Scala
  • Expertise in ML frameworks (TensorFlow, PyTorch, scikit-learn) and orchestration tools (Airflow, Kubeflow, Vertex AI, MLflow)
  • Proven experience operating production pipelines for ML and LLM-based systems across cloud ecosystems (GCP, AWS, Azure)
  • Deep familiarity with LangChain, LangGraph, ADK or similar agentic system runtime management
  • Strong competencies in CI/CD, IaC, and DevSecOps pipelines integrating testing, compliance, and deployment automation
  • Hands-on with observability stacks (Prometheus, Grafana, Newrelic) for model and agent performance tracking
  • Understanding of governance frameworks for Responsible AI, auditability, and cost metering across training and inference workloads
  • Proficiency in containerization technologies (e.g., Docker, Kubernetes)
  • Proficient in scripting languages (e.g., Bash, python) for automation
  • Experience with workflow orchestration tools (e.g., Apache Airflow)
Job Responsibility
Job Responsibility
  • Lead data pipeline development: Build and maintain PySpark ETL pipelines with high data quality and performance
  • Manage integrations: Establish robust connections to client data sources via APIs and tools like FiveTran, Plaid, and BlackLine's own internal connector ecosystem
  • Ensure reliability: Monitor pipeline performance, automate testing, and validate data accuracy
  • Optimize for scale: Implement performance improvements (e.g., CDC mechanisms, indexing strategies) for large-scale datasets
  • Collaborate & innovate: Work with business stakeholders to refine data requirements and integrate cutting-edge AI and big data technologies
  • Partner with data science, security, and product teams to set evaluation and governance standards (Guardrails, Bias, Drift, Latency SLAs)
  • Mentor senior engineers and drive design reviews for ML pipelines, model registries, and agentic runtime environments
  • Lead incident response and reliability strategies for ML/AI systems
  • Collaborate with development teams to integrate AI solutions into existing workflows and applications
  • Ensure seamless integration with different platforms and technologies
What we offer
What we offer
  • Short-term and long-term incentive programs
  • Robust offering of benefit and wellness plans
  • Fulltime
Read More
Arrow Right

Senior Security Engineer

Recruitics is a data-centric recruitment marketing agency. We are looking for a ...
Location
Location
United States , New York
Salary
Salary:
120000.00 - 250000.00 USD / Year
recruitics.com Logo
Recruitics
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5-7 years of experience in Security, or related roles, with at least 2-3 years working within a DevOps ecosystem
  • Hands-on experience with security tools such as SonarQube, Crowdstrike, mimecast, and tenable
  • Strong knowledge of infrastructure-as-code (IaC) tools such as Terraform, CloudFormation, or Ansible
  • Expertise in automation scripting (Python, Bash, or similar languages)
  • Experience with version control systems (Git, GitLab, Bitbucket)
  • Familiarity with security protocols and standards (OAuth, SSL/TLS, PKI)
  • Strong knowledge of network security, firewalls, identity and access management (IAM), and encryption technologies
  • Experience with vulnerability scanning tools and static/dynamic analysis
  • Strong problem-solving and analytical skills
  • Excellent communication and collaboration skills, with the ability to work with cross-functional teams
Job Responsibility
Job Responsibility
  • Secure Architecture: Under the guidance of the VP of Information Security, maintain a secure cloud architecture and evangelize security best practices within the enterprise that comply with our SOC II policies and procedures
  • DevSecOps Integration: Collaborate closely with Development, Operations, and Security teams to integrate security practices into the development lifecycle and DevOps processes
  • Vulnerability Management: Conduct vulnerability assessments, security testing, and advise teams on remediation
  • Cloud Security: Oversee and enhance the security posture of cloud-based infrastructure (AWS), ensuring secure deployments and configurations
  • Compliance & Best Practices: Ensure that security controls are aligned with industry standards and best practices (e.g., OWASP, NIST, GDPR) and work toward achieving and maintaining compliance
  • Incident Response: Be the technical point of contact on security incidents, providing expertise in root cause analysis and remediation
  • Monitoring & Auditing: Implement monitoring tools to detect and respond to security incidents and audit the security of systems and applications
  • Security Training & Awareness: Provide guidance and training to other teams on security best practices, secure coding techniques, and threat mitigation strategies
  • Tooling & Infrastructure: Select, deploy, and manage security tools and frameworks for automated security testing, vulnerability scanning, and threat detection
What we offer
What we offer
  • Competitive compensation and benefits
  • Casual work environment
  • Recruitics themed shirts roughly once a quarter
  • Part of a close-knit group in a fun work environment
  • Opportunities for career growth
Read More
Arrow Right

Senior Security Engineer

Recruitics is a data-centric recruitment marketing agency that makes it easy for...
Location
Location
United States , New York
Salary
Salary:
120000.00 - 250000.00 USD / Year
recruitics.com Logo
Recruitics
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5-7 years of experience in Security, or related roles, with at least 2-3 years working within a DevOps ecosystem
  • Hands-on experience with security tools such as SonarQube, Crowdstrike, mimecast, and tenable
  • Strong knowledge of infrastructure-as-code (IaC) tools such as Terraform, CloudFormation, or Ansible
  • Expertise in automation scripting (Python, Bash, or similar languages)
  • Experience with version control systems (Git, GitLab, Bitbucket)
  • Familiarity with security protocols and standards (OAuth, SSL/TLS, PKI)
  • Strong knowledge of network security, firewalls, identity and access management (IAM), and encryption technologies
  • Experience with vulnerability scanning tools and static/dynamic analysis
  • Strong problem-solving and analytical skills
  • Excellent communication and collaboration skills, with the ability to work with cross-functional teams
Job Responsibility
Job Responsibility
  • Secure Architecture: Under the guidance of the VP of Information Security, maintain a secure cloud architecture and evangelize security best practices within the enterprise that comply with our SOC II policies and procedures
  • DevSecOps Integration: Collaborate closely with Development, Operations, and Security teams to integrate security practices into the development lifecycle and DevOps processes
  • Vulnerability Management: Conduct vulnerability assessments, security testing, and advise teams on remediation
  • Cloud Security: Oversee and enhance the security posture of cloud-based infrastructure (AWS), ensuring secure deployments and configurations
  • Compliance & Best Practices: Ensure that security controls are aligned with industry standards and best practices (e.g., OWASP, NIST, GDPR) and work toward achieving and maintaining compliance
  • Incident Response: Be the technical point of contact on security incidents, providing expertise in root cause analysis and remediation
  • Monitoring & Auditing: Implement monitoring tools to detect and respond to security incidents and audit the security of systems and applications
  • Security Training & Awareness: Provide guidance and training to other teams on security best practices, secure coding techniques, and threat mitigation strategies
  • Tooling & Infrastructure: Select, deploy, and manage security tools and frameworks for automated security testing, vulnerability scanning, and threat detection
What we offer
What we offer
  • competitive compensation and benefits
  • casual work environment
  • opportunities for career growth
Read More
Arrow Right
New

Sr. Cloud Solutions DevOps Engineer

Location
Location
United States , Fort Washington
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years in Infrastructure, Systems Engineering, Networking, or DevOps
  • 7+ years of hands-on AWS/Azure cloud architecture experience
  • Proven expertise in enterprise networking (routing, firewalls, VPNs, segmentation, hybrid connectivity)
  • Mastery of AWS core services and Git/GitLab CI/CD
  • Strong experience with Linux/Windows servers, containers (Docker, Kubernetes), scripting (PowerShell, Bash, Python)
  • Demonstrated success bridging Development and SaaS Operations in production environments
  • Strong background in reliability engineering and incident management
Job Responsibility
Job Responsibility
  • Architect and implement secure, scalable, and highly available cloud environments (AWS primary, Azure minimal)
  • Lead modernization initiatives leveraging cloud-native services
  • Design resilient, multi-region solutions aligned with SLA, RPO, RTO requirements
  • Establish and evolve cloud architecture standards and operational guardrails
  • Design, implement, and enhance CI/CD pipelines using Git and GitLab
  • Lead Infrastructure-as-Code (IaC) at scale using Terraform
  • Automate provisioning, release orchestration, and environment management
  • Integrate DevSecOps practices, including automated testing and security scanning
  • Lead complex cloud networking, hybrid connectivity, and segmentation (VPC/VNET, VPN, Direct Connect, ExpressRoute)
  • Architect network security: firewalls, security groups, zero-trust models, secure ingress/egress, DDoS protection
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
Read More
Arrow Right

Information System Security Engineer

Location
Location
United States , San Antonio
Salary
Salary:
77500.00 - 176000.00 USD / Year
boozallen.com Logo
Booz Allen Hamilton
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in an ISSE, ISSO, or IT role
  • 3+ years of experience developing and evaluating security documentation, including system security plans, contingency plans, security test procedures, and continuity of operations plans
  • 3+ years of experience with security architecture evaluations, guidance development, and troubleshooting
  • 3+ years of experience working with cloud service providers, including Amazon Web Services (AWS) or Microsoft Azure
  • Experience managing security applications within a cloud service provider, including AWS, Microsoft Azure, or Google Cloud
  • Experience with the NIST RMF and NIST SP 800-53 security and privacy controls, FISMA, and FEDRAMP
  • Experience with SD Elements, Fortify Static Code Analyzer, STIGs, ACAS, SCAP, or SCC tools
  • TS/SCI clearance
  • Bachelor’s degree
  • DoD 8140 Level II Certification
Job Responsibility
Job Responsibility
  • Implement and manage policies and procedures to ensure database and software security
  • Apply leading-edge principles, theories, and concepts and contribute to the development of new principles and concepts
  • Work on unusually complex problems and provide highly innovative solutions
  • Operate with substantial latitude for unreviewed action or decision
  • Mentor or supervise employees in both company and technical competencies
What we offer
What we offer
  • health, life, disability, financial, and retirement benefits
  • paid leave
  • professional development
  • tuition assistance
  • work-life programs
  • dependent care
  • recognition awards program
Read More
Arrow Right