DevSecOps Engineer

• Implement and maintain security policies and procedures to protect our systems and data across AWS, GCP, and Azure platforms
• Automate security controls, data, and processes to provide improved metrics and operational support using scripting languages such as Python, Node.js, and Bash
• Work closely with the development team to integrate security practices into the development lifecycle from the initial design phase through deployment, including the implementation of CI/CD pipelines
• Conduct system and application vulnerability testing, risk analyses, and security assessments
• Manage and configure cloud-based environments for optimal performance and security
• Respond to and, where possible, prevent security incidents and breaches, participating in post-mortem analysis to avoid similar vulnerabilities
• Ensure compliance with industry standards and certifications such as SOC2 and ISO 27001
• Stay up-to-date with emerging security threats and incorporate new security technologies and best practices into the company’s infrastructure

• Minimum 4 years of experience in a DevOps role with a focus on security (DevSecOps)
• Proven experience with cloud services (AWS, GCP, Azure), including architecture and security configurations
• Strong scripting skills in Python, Node.js, and Bash
• Knowledge of security principles, techniques, and technologies (e.g., encryption, IAM, network security, application security)
• Experience with CI/CD tools and processes
• Familiarity with containerization and orchestration technologies (e.g., Docker, Kubernetes)
• Demonstrated experience in managing and achieving SOC2 and ISO 27001 certifications
• Excellent problem-solving skills and the ability to work under pressure
• Strong communication and collaboration skills to work effectively across teams

Relevant certifications (e.g., AWS Certified Security Specialty, Certified Kubernetes Administrator, CompTIA Security+) are a plus