Cloud DevOps Engineer

About The Position

Requirements

• 5 years of experience in related field
• Bachelor’s Degree or equivalent experience
• Secret Clearance
• Security+ Certification
• 3-5 years in software development, DevOps, or security engineering
• 2+ years implementing and managing production CI/CD pipelines
• Understanding of SDLC and agile methodologies
• Proficiency in programming/scripting languages (Python, Go, Java, JavaScript, Bash)
• Experience with Git version control and branching strategies
• Hands-on experience with GitLab CI/CD
• Proficiency with Infrastructure as Code tools (Terraform, Ansible, CloudFormation)
• Experience with container technologies (Docker, Kubernetes, OpenShift)
• Familiarity with artifact repositories (Artifactory, Nexus, Docker Registry)
• Experience with application security testing tools (SAST, DAST, SCA, IAST)
• Knowledge of container/Kubernetes security best practices and frameworks (OWASP, NIST)
• Expert knowledge of AWS platforms and security services (EC2, CloudWatch, CloudTrail, S3, IAM, EKS, WAF & Shield, ECS)
• Understanding of cloud-native services, serverless architecture, and networking (VPC, subnets, firewalls, load balancers, service mesh)
• Knowledge of identity and access management (IAM, RBAC, SSO, SAML)
• Strong problem-solving and communication abilities
• Collaborative across development, security, and operations teams
• Self-motivated with ability to manage multiple priorities
• Security-first mindset with pragmatic risk management approach

Nice To Haves

• Security certifications (CISSP, CEH, GIAC, CSSLP)
• AWS Cloud certifications
• DevOps/Container certifications (CKA, CKAD, CKS, Docker Certified Associate)

Responsibilities

• CI/CD Pipeline Development & Management: Design, build, and maintain automated CI/CD pipelines using GitLab CI/CD. Implement automated build, test, deployment, and rollback processes with quality gates and approval workflows. Optimize pipeline performance and reliability.
• Security Integration & Automation: Embed security scanning tools into CI/CD pipelines (SAST, DAST, SCA, container scanning). Implement and maintain security tools (SonarQube, Fortify, OWASP). Monitor and remediate vulnerabilities in code, dependencies, and infrastructure.
• Container & Orchestration Management: Build and secure container images following best practices. Develop and maintain Kubernetes manifests, operators, and security policies (network policies, RBAC). Implement security monitoring, logging, and alerting solutions (Splunk, ELK Stack, Prometheus/Grafana). Develop automated incident response workflows and security/pipeline dashboards.
• Collaboration & Enablement: Partner with development teams on secure coding practices and vulnerability remediation. Provide DevSecOps training and guidance on tools, practices, and security requirements. Collaborate with Security, Operations, and Architecture teams on security initiatives. Participate in security-focused code reviews.

Benefits

• flexible time off
• robust learning resources
• competitive compensation
• benefits and learning and development opportunities
• comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits