DevSecOps Engineer

Secure Software Development Lifecycle

Serve as the technical owner of our GitHub Enterprise tenant.

Manage the configuration of GitHub & the Advanced Security features.

Develop and maintain CI/CD pipelines with reusable GitHub Actions templates for various cloud deployment patterns.

Collaborate with development teams to ensure consistent and secure application deployments.

Cloud Governance And Guardrails

Configure and manage AWS Service Control Policies (SCPs)

Establish and maintain governance practices to monitor cloud resources.

Partner with Incidence Response team to customize WIZ integration.

Compliance Dashboard And Alerting

Using the existing cloud-based security tooling, create and maintain compliance dashboards for tracking adherence to security standards and policies.

Implement alerting mechanisms for timely response to compliance issues.

Create meaningful metrics on the existing cloud security maturity that can be used to drive priorities.

Qualifications

Knowledge of security best practices and compliance frameworks (HIPPA, SOX)

Proven experience working with AWS and Azure cloud platforms.

Strong proficiency in Terraform for infrastructure provisioning and automation.

Expertise in scripting languages such as Python, Bash, or PowerShell.

Hands-on experience with production deployments and troubleshooting.

Familiarity with FinOps principles and practices.

Excellent communication skills and the ability to collaborate with cross-functional teams.

Nice To Have

Knowledge of AWS Security Hub, Microsoft Defender, WIZ

Previous participation in security audits of cloud environments

AWS Certifications - with equivalent experience

Familiar with Active Directory/Azure AD/Azure AD Domain Services

Understanding of Azure Virtual Desktop Services