Devsecops Engineer

Friendswood, Texas

 Infinity Consulting Solutions
Apply for this Job
Job Title: DevSecOps (AWS Security) Engineer

Responsibilities:
  • Implement and optimize security controls for AWS cloud infrastructure.
  • Monitor and review application and infrastructure security posture, initiating remediation efforts with relevant teams.
  • Recommend new or revised security measures and countermeasures for current security challenges.
  • Integrate DAST and SAST tools seamlessly into CI/CD pipelines.
  • Collaborate with DevOps and Platform teams to ensure security considerations are embedded from the outset.
  • Automate security testing (e.g., vulnerability scanning, static code analysis) within the deployment pipeline.
  • Identify, create, and implement security standards for CI/CD pipelines and infrastructure deployment automations.
  • Oversee the implementation and administration of logging and monitoring services to safeguard the security and integrity of applications.
  • Create and maintain system documentation, architecture diagrams, and online collaborative documentation (e.g., Wiki) with high quality.
  • Support software engineers in following the software delivery lifecycle and secure development practices.
  • Assume a leadership role in knowledge transfer and skill development for team members.
Requirements:
  • 5+ years of demonstrable experience with AWS cloud security infrastructure and tools.
  • Experience with three or more of the following AWS services: GuardDuty, CloudTrail, CloudWatch, Inspector, SecurityHub, TrustedAdvisor, Config, ControlTower / GuardRails.
  • Experience using organizational cloud governance constructs (e.g., AWS Organizations including OUs and SCPs).
  • Strong understanding and experience with IAM, including roles and policies.
  • Strong understanding and experience with cloud access control & security mechanisms (e.g., ACL, Security Groups, VPCs).
  • Strong knowledge of application development, systems engineering, and network engineering to develop security requirements and best practices, enterprise risk assessment methodologies.
  • Experience with CI/CD pipeline tooling (Artifactory/ECR, GitHub Actions).
  • Experience with tools such as CloudWatch, Config, Control Tower, Inspector, and Wiz.
  • Ability to show initiative and translate business requirements and needs into technical, secure solutions.
  • Excellent communication skills with the ability to communicate complex security concepts clearly and concisely.
  • Experience mentoring other engineers.
Date Posted: 15 May 2025
Apply for this Job
Show me similar jobs
Send me jobs by email