Design and implement DevSecOps pipelines that integrate security checks throughout the CI/CD process.
Automate build, deployment, and infrastructure provisioning using tools like Jenkins , GitHub Actions , Terraform , or AWS CodePipeline .
Embed security controls into application development and deployment processes (SAST, DAST, dependency scanning, container security).
Manage and monitor AWS infrastructure for high availability, security, and cost optimization.
Implement Infrastructure as Code (IaC) for consistent and repeatable environment provisioning.
Work closely with developers to promote secure coding practices and vulnerability remediation .
Deploy and manage containerized workloads using Docker, ECS, or Kubernetes.
Enforce IAM , network security , and encryption standards in line with company policies.
Respond to security incidents and participate in root cause analysis and continuous improvement.
Maintain documentation for pipelines, configurations, and security standards.

Required Skills and Experience

7+ years of experience in DevOps, Cloud Engineering, or Security Engineering.
Strong expertise in AWS (EC2, EKS/ECS, Lambda, RDS, S3, CloudFormation, CloudWatch, Inspector).
Proficiency with CI/CD tools Jenkins, GitLab CI, GitHub Actions, or Azure DevOps.
Hands-on experience with Infrastructure as Code (IaC) Terraform, Ansible, or AWS CDK.
Knowledge of DevSecOps tools :
Static code analysis (SonarQube, Checkmarx)
Dependency and container scanning (Trivy, Snyk, Twistlock)
Secrets management (HashiCorp Vault, AWS Secrets Manager)
Experience implementing security policies , monitoring , and incident response .
Familiarity with .NET Core , Angular , and PostgreSQL environments preferred.
Strong understanding of network security, IAM, and compliance frameworks (SOC2, ISO 27001, NIST)

DevSecOps Engineer