DevSecOps Engineer Remote

Role Description

We are seeking a highly skilled and experienced Sr. DevSecOps engineer to join our fastpaced and securityfocused team. The ideal candidate will have extensive expertise in GitHub GitHub Actions Terraform AWS CI/CD processes TypeScript and testing frameworks. This role requires someone who can take ownership of projects and drive them to completion with minimal oversight. The successful candidate will thrive in a fastpaced environment demonstrating excellent problemsolving skills strong attention to detail and a focus on maintaining secure systems.

Key Responsibilities

• Project Ownership: Deliver projects to completion. Ensure successful of tasks and regular deployments to production.
  
• CI/CD Strategy: Implement and manage robust CI/CD pipelines using GitHub Actions and Terraform to automate code testing building and deployment processes.
  
• AWS Infrastructure: Maintain cloud infrastructure using AWS services such as ECS ECR EKS Cognito VPC Transit Gateway and Route53. Ensure best practices in infrastructureascode and cloud security.
  
• Terraform Expertise: Utilize Terraform to define and provision AWS resources ensuring high scalability availability and security of cloud environments.
  
• Automation & Optimization: Automate system configurations software deployments and infrastructure scaling to optimize workflows and system performance.
  
• Dockerization: Assist software engineers in containerizing their applications using Docker and preparing them to run efficiently on AWS ECS Fargate and EKS Fargate.
  
• TypeScript/JavaScript Support: Work closely with software engineers to support the development of secure scalable application services using TypeScript and JavaScript frameworks such as NestJS and Next.js.
  
• Test Writing: Guide and assist software engineers and QA team members in writing effective tests using the Jest framework to ensure the reliability and robustness of their applications.
  
• Security & Compliance: Implement DevSecOps best practices ensuring that all deployments meet the highest security standards. Familiarity with compliance frameworks (e.g. NEST CSF HIPAA/HITRUST SOC 2) is a plus.
  
• Monitoring & Troubleshooting: Set up monitoring and alerting for infrastructure and services proactively addressing performance bottlenecks and security vulnerabilities within software applications and infrastructure.
  
• Collaboration & Communication: Work closely with developers QA teams and other stakeholders to ensure smooth reliable daily deployments to production and fast iterations.
  
• Documentation: Document processes configurations and project outcomes to ensure clarity and transparency in all aspects of the DevSecOps lifecycle.
  

Qualifications

• 5 years of DevOps/DevSecOps experience with a focus on security automation and cloud infrastructure.
  
• Expertise in Terraform for provisioning cloud resources and infrastructure automation.
  
• Expertise with Docker and container orchestration (ECS/EKS).
  
• Expertise experience with AWS services including ECS ECR EKS Cognito Lambda S3 VPC Transit Gateway and Route53.
  
• Proficiency in Docker with experience containerizing applications and deploying them on AWS ECS Fargate and EKS Fargate.
  
• Proficiency in GitHub and GitHub Actions including managing repositories creating workflows and automating deployment pipelines.
  
• Proficiency in TypeScript/JavaScript including experience with frameworks like NestJS and Next.js.
  
• Solid understanding of CI/CD processes and ability to architect scalable efficient pipelines.
  
• Experience with networking and security in AWS (e.g. VPC IAM Security Groups).
  
• Ability to work independently and manage complex tasks in a fastpaced environment with minimal oversight.
  
• Strong problemsolving skills with a focus on security automation and efficiency.
  
• Excellent written and verbal communication skills.
  

Nice to Have:

• Familiarity with compliance frameworks such as NEST CSF HIPAA SOC 2 or similar.
  
• Experience working in highly secure regulated environments.