DevSecOps Engineer

Required skills  

·      Degree or Diploma in Computer Science, Computer or Electronics Engineering, Information Technology, or related disciplines. 

·      Passion for automation, standardization, and best practices in infrastructure and security. 

·      Strong understanding of the Software Development Life Cycle (SDLC), Test Driven Development (TDD), Continuous Integration (CI), and Continuous Delivery (CD). 

·      Experience working with high availability, high performance, and high security multi-data center systems and hybrid cloud environments.

·       Proficiency in at least three programming/scripting languages (Bash, PowerShell, Python, Go). 

·      Experience with Git and modern branching workflows. 

·      Experience with public cloud platforms (AWS, Azure, Google Cloud). 

·      Experience with automated provisioning tools (Ansible, Terraform, Puppet, Vagrant). 

·      Hands-on experience with virtualization technologies (KVM, VMware, Hyper V). 

·      Strong understanding of container technologies (Docker, Kubernetes). 

·      Knowledge of Cloud Native Computing Foundation (CNCF) tools (Prometheus, Helm, ArgoCD, Istio, Gatekeeper, Crossplane). 

·      Experience with infrastructure monitoring and observability tools. 

·      Strong ability to troubleshoot complex issues across system resources and application stacks. 

·      Experience with CI/CD pipelines and DevOps tools (GitLab, Jenkins, BitBucket, ArgoCD). 

·      Experience with disaster recovery planning, system backup, and restore processes. 

·      Knowledge of RPM-based software packaging and deployment. 

Security & Compliance: 

·      Experience implementing security controls within CI/CD pipelines and cloud native architectures. 

·      Hands-on experience with security assessments, vulnerability scanning, and system hardening. 

·      Familiarity with enterprise security tools (HashiCorp Vault, ElasticSearch Enterprise, Tenable, HP Fortify, Sonatype Nexus IQ, AWS security services). 

·      Strong understanding of network infrastructure, including firewalls, subnets, routing, and access controls. 

·      Experience performing security assessments in government or highly regulated environments. 

Key Responsibilities: 

·      The DevSecOps Engineer is responsible for designing, automating, and maintaining secure, scalable, and resilient infrastructure and deployment pipelines. 

·      The role requires expertise in cloud platforms, automation, security best practices, and modern DevOps methodologies. 

·      Engineers must work in an agile, collaborative environment, ensuring seamless integration of security into development workflows and infrastructure operations. 

·      Develop automation and processes to enable teams to deploy, manage, scale, and monitor applications in data centers and cloud environments. 

·      Troubleshoot and resolve system and application issues across platforms, participating in on-call escalations for critical incidents. 

·      Take ownership of end-to-end infrastructure and security solutions across the organization. 

·      Deploy and manage monitoring tools to track infrastructure performance, utilization, and health.

·       Implement configuration management systems for business continuity and automate disaster recovery measures. 

·      Provision virtual machines, databases, application containers, and licenses for development teams. 

·      Configure and maintain CI/CD pipelines, incorporating streamlined change management and release processes. 

·      Develop scripts and automation tools to support software build, integration, and deployment across development and production environments. 

·      Automate the configuration management of development, quality assurance, and production workloads. 

·      Design, build, optimize, and monitor automation systems to identify bottlenecks and maximize service availability. 

·      Implement security practices that comply with industry standards to protect the organization’s data and infrastructure. 

·      Plan, implement, and monitor system security architecture, including threat and risk assessments. 

·      Perform security checks, such as vulnerability assessments and system hardening, and troubleshoot security incidents. 

·      Apply secure configurations and best practices when implementing security controls in infrastructure and applications