DevSecOps Engineer

As a DevSecOps Engineer, you will integrate security practices into our DevOps processes, working closely with development, and operations teams to ensure robust, secure code deployments. You’ll be responsible for identifying security vulnerabilities, automating security measures, and maintaining compliance throughout the development lifecycle.

Key Responsibilities
Security Integration: Embed security tools and processes into CI/CD pipelines to automate and enforce security standards.
Infrastructure as Code (IaC): Design and implement secure infrastructure through code using tools like Terraform, Ansible, and CloudFormation.
Vulnerability Management: Identify, prioritize, and mitigate vulnerabilities in code, applications, and infrastructure.
Monitoring & Logging: Set up monitoring, logging, and alerting for security-related events and work with incident response teams as needed.
Collaboration: Work with development and operations teams to understand project needs and ensure security without compromising agility.
Compliance: Ensure compliance with security standards and best practices, including data protection laws, industry regulations, and company policies.
Documentation: Create and maintain comprehensive security documentation and provide training on secure development practices.

Key Skills & Qualifications
Experience: Minimum 3+ years in DevOps, DevSecOps, or a related role.
Technical Skills:
CI/CD Tools: Hands-on experience with CI/CD tools (e.g., Github Actions).
IaC: Proficiency with infrastructure as code tools (e.g., Terraform, Ansible, CloudFormation).
Scripting: Strong scripting skills in languages such as Python, Bash, or PowerShell.
Cloud: Experience with cloud platforms (e.g., AWS) and securing cloud-based infrastructure.
Security Tools: Knowledge of security tools and practices, such as static application security testing (SAST), dynamic application security testing (DAST), vulnerability scanning, and endpoint security.
Knowledge of Standards: Familiarity with frameworks like NIST, ISO 27001, SOC 2, and compliance requirements such as GDPR, HIPAA.
Soft Skills: Excellent problem-solving abilities, strong communication, and collaboration skills.
Preferred Qualifications
Certifications: Relevant certifications such as AWS Certified Security, Certified DevSecOps Professional, CISSP, or OSCP.
Agile/DevOps Practices: Experience working within Agile, Scrum, or Kanban teams.
Monitoring and Logging: Experience with tools like ELK Stack, Splunk, Prometheus, or Grafana.

To apply, please send your resume and a brief cover letter explaining your experience with DevSecOps practices to hr@consultareinc.com with subject: Application for DevSecOps Engineer