Cloud DevSecOps Engineer III

About The Position

Requirements

• High School Diploma or GED and eight (8) years of related post-secondary education and/or experience in Information Security or Information Technology
• Applicants for this position must be currently authorized to work in the United States on a full-time basis.

Nice To Haves

• Four (4) years of relevant DevSecOps experience
• AWS DevOps certification or Azure DevOps certification
• Experience in building / deploying cloud native applications – OpenShift, Azure Kubernetes Service (AKS)
• Experience in observing real-time metrics in the pipeline and deployment strategies – Blue/Green, Canary Deployment
• Experience with either AWS or Azure cloud technologies
• Experience with interfacing with secrets management solutions like Hashicorp Vault
• Familiar with implementing Chaos engineering principles in the pipeline to determine weak links and suggest solutions.
• Familiar with testing tools used to facilitate automation and integration of the tools into CI/CD pipelines
• Must be comfortable in developing pipelines as code using yaml specs, ansible playbooks
• Excellent knowledge of Cloud infrastructure, networking, services, and cloud architectural patterns; specifically, compute using virtual machines, managed infrastructure, containers, serverless, as well as database services, security services, and application services
• Proficient in python programming language
• Understanding of Shift Left principles and facilitation technologies
• Working Knowledge of Jenkins, Azure DevOps, Ansible, Terraform, Packer, Git, ServiceNow a big plus

Responsibilities

• Partners with other engineers and information technology staff to orchestrate code builds, quality and security analyses, deployments, and automated testing through CI/CD release candidacy pipelines
• Articulates business needs and translate them into technology solutions
• Models release candidate CI/CD pipelines as a mechanism to communicate the states and steps necessary to determine a release candidate for each application and service
• Designs and develops fully autonomous CI/CD pipelines which facilitate cloud deployments which includes automation of all infrastructure, services and application build and deployment
• Ensures that all parts of the pipeline follow good software engineering practices to include automated tests and infrastructure tests
• Researches new technologies that will improve efficiency and effectiveness
• Implements highly scalable CI/CD platforms to support high change volumes and fast feedback
• Automates operational activities and tasks
• Responds to performance issues identified by alerts and reported incidents related to CI/CD platforms
• Builds tools which reduce errors and improve our overall customer experiences
• Assists in troubleshooting of production issues and ensure pipeline and infrastructure produces clear documentation and metrics which enables Root Cause Analysis
• Develops and tests – Ansible Playbooks, Terraform Scripts, Packer Scripts and establish immutable infrastructure such that patches are an artifact of the past
• Works with Enterprise Architecture, Information Security (InfoSec), Software Delivery, and Quality Assurance to enable the organization to move to the cloud using complete automation
• Partners across Technology, Operations, Digital, and Data (TODD) to ensure controls are designed, implemented, and monitored to strengthen risk management, compliance, and cyber security, effectively mitigating risk to levels within the company’s risk appetite
• Practices disciplined change management by evaluating risk and control impacts when designing or implementing changes to processes, systems, products, and/or services and ensures appropriate updates to procedures, training, and controls are made accordingly
• As a Cloud DevSecOps Engineer, you will spearhead the definition, maintenance, and adoption of “golden path” CI/CD pipeline patterns (templates, reusable stages, policy-as-code guardrails) that teams can consume in self-serviced way.
• Builds and operates a self-service pipeline platform (developer portal/catalog, scaffolding, versioned templates) that enables teams to onboard new services quickly while meeting security and compliance requirements by default.
• Establishes standardized DevSecOps controls and automation across pipelines (SAST/DAST/SCA, IaC scanning, SBOM generation, artifact signing, provenance/attestations) with clear exception and risk-acceptance workflows.
• Partners with application teams to improve developer experience: fast feedback loops, local-to-CI parity, streamlined secrets access, progressive delivery enablement, and opinionated defaults that reduce cognitive load.
• Defines and tracks pipeline/platform success metrics (lead time, deployment frequency, change failure rate, MTTR, security findings SLA, build performance), and drives continuous improvement through reliability engineering and product-style roadmapping.

Benefits

• Paid Vacation/Sick Time
• 401K with Company Match
• Medical, Dental and Vision Benefits
• Disability Benefits
• Health Savings Account
• Flexible Spending Account
• Life Insurance
• Parental Leave
• Employee Assistance Program
• Associate Volunteer Program