Senior DevSecOps Engineer

About The Position

Requirements

• A four-year degree in Computer Science, Software Engineering, Information Technology, or a related field.
• Five or more years of experience in DevOps, DevSecOps, or related roles.
• Deep knowledge of security tools and best practices, including vulnerability scanning, intrusion detection, and compliance frameworks (e.g., NIST CSF, SOC 2, ISO 27001, PCI-DSS, HIPAA).
• Strong background in cloud platforms (Microsoft Azure, AWS, or Google Cloud) with a focus on securing cloud infrastructure and services.
• Proficiency with containers (Docker, Kubernetes) and the secure configuration of containerized workloads.
• Experience with CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions) and related automation tools.
• Familiarity with infrastructure-as-code tools (Terraform, Ansible, or CloudFormation) and their secure configurations.
• Experience with logging, monitoring, and alerting solutions (e.g., ELK Stack, Prometheus, Grafana) and best practices for security operations (SOC, SIEM, etc.).
• Strong understanding of application security (OWASP Top Ten, secure coding practices, SAST/DAST).
• Advanced analytical, conceptual, and creative problem-solving abilities.
• Ability to translate complex security or DevOps requirements into actionable solutions.
• Solid experience in generating standardized documentation for DevSecOps processes and best practices.
• Must be self-motivated, work independently, and be a team player amenable to a variety of work projects.
• Must maintain a high level of confidentiality.
• Must be able to demonstrate a proactive commitment to ATS corporate values and the success of all staff.
• Excellent interpersonal and communication skills (written, listening, and verbal).
• Willing and able to travel occasionally, including overnight travel.

Responsibilities

• Lead the design, implementation, and maintenance of CI/CD pipelines that integrate security controls at every stage.
• Ensure automated testing, vulnerability scanning, and compliance checks are performed continuously.
• Establish and maintain a robust application and infrastructure security posture, including vulnerability scanning, threat modeling, and penetration testing.
• Collaborate with development teams to remediate identified security gaps promptly
• Architect and maintain secure cloud environments in Azure, AWS, or Google Cloud.
• Champion best practices for container orchestration, including Kubernetes security, network segmentation, and secure container images.
• Advance automation efforts for provisioning, configuration management, and infrastructure deployment (IaC).
• Define and document standardized operating procedures (SOPs) for secure infrastructure deployment and maintenance.
• Partner with cross-functional teams-developers, QA, architects, and operations-to embed security and DevOps principles in the software development lifecycle (SDLC).
• Mentor and coach junior team members on DevSecOps best practices and emerging technologies.
• Implement centralized logging, monitoring, and alerting solutions to track system health and security events.
• Develop incident response processes and lead post-incident reviews to identify root causes and implement improvements.
• Ensure adherence to relevant security and regulatory standards (NIST CSF, SOC 2, ISO 27001, PCI-DSS, HIPAA, etc.).
• Develop and maintain security policies, standards, and guidelines in collaboration with management and other stakeholders.
• Keep abreast of emerging trends and technologies in DevSecOps, cloud security, and application security.
• Evaluate and integrate new tools, technologies, and processes to enhance security, reliability, and efficiency.
• Understands and consistently performs in accordance with ATS Mission, Vision, and Values.
• Support ATS' culture by aligning actions, behaviors, performance, and decisions in accordance with the Company's values as set forth in our All-Employee Competencies.
• Complete work responsibilities outside of normal business hours as needed and infrequent travel may be required.
• Perform other duties and responsibilities as assigned.

Benefits

• employees may be eligible for performance-based incentives
• health, dental, and vision insurance
• 401k retirement savings plan effective on the first of the month following 60 days of employment
• paid holidays
• paid time off
• access to professional development opportunities
• wellness programs
• employee assistance resources