Senior DevSecOps Engineer

About The Position

Requirements

• 5+ years of experience in AWS security automation and DevOps
• Strong experience with: AWS CDK, CloudFormation, and Terraform
• CI/CD tools (GitHub Actions, Azure DevOps)
• Python, Bash, and PowerShell scripting
• Experience integrating security tools (SAST, SCA, container scanning)
• Knowledge of CJIS and NIST 800-53 compliance frameworks
• Ability to read and interpret Java and C# code for security analysis

Nice To Haves

• Experience with EKS, ECS, Lambda security hardening
• Familiarity with tools such as Checkov, Trivy, CodeQL, OPA/Conftest
• Exposure to Azure security automation (nice to have)

Responsibilities

• Design and implement secure AWS infrastructure using CDK and CloudFormation
• Build and maintain Infrastructure-as-Code (IaC) modules and reusable templates
• Implement security guardrails and compliance enforcement patterns
• Develop secure CI/CD pipelines using GitHub Actions and Azure DevOps
• Integrate SAST, SCA, IaC, container, and secret scanning tools
• Automate compliance checks and enforce security gates in pipelines
• Implement AWS Config, Security Hub, and GuardDuty controls
• Align solutions with CJIS and NIST 800-53 compliance frameworks
• Generate audit-ready reports and compliance evidence artifacts
• Work with internal teams to adopt secure DevSecOps practices
• Provide guidance, templates, and best practices for cloud security
• Document findings, improvements, and remediation strategies

Benefits

• Flexible work from home options available.
• At SR International, we treat our consultants like family.