Senior DevSecOps Engineer – AWS

What success looks like in this role:

• Design and implement secure, scalable, and resilient cloud infrastructure on AWS.
• Integrate security practices into CI/CD pipelines and DevOps workflows.
• Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or AWS CDK.
• Implement automated security scanning tools (e.g., Snyk, Checkov, AWS Inspector) in build and deployment pipelines.
• Manage identity and access controls using AWS IAM, SSO, and Secrets Manager.
• Monitor and respond to security incidents using AWS CloudTrail, Guard Duty, and Security Hub.
• Conduct threat modeling, vulnerability assessments, and risk analysis.
• Collaborate with development, operations, and security teams to enforce security best practices.
• Ensure compliance with industry standards (e.g., ISO 27001, SOC 2, HIPAA, GDPR).
• Mentor junior engineers and contribute to security awareness across teams.

#LI-BN1

You will be successful in this role if you have:

Required Skills & Qualifications:

• 8+ years of experience in DevOps, Cloud Engineering, or Security Engineering.
• 5+ years of hands-on experience with AWS services and cloud security.
• Strong knowledge of AWS security services (IAM, KMS, Guard Duty, Security Hub, WAF, etc.).
• Proficiency in scripting languages (Python, Bash) and automation tools.
• Experience with CI/CD tools (Jenkins, GitLab CI, AWS CodePipeline).
• Familiarity with container security (Docker, Kubernetes, EKS).
• Expertise in Infrastructure-as-Code and automated compliance checks.
• AWS certifications such as Security Specialty or DevOps Engineer – Professional.

• Strong analytical, problem-solving, and communication skills.

Security Tools & Technologies:

• AWS Security Hub – centralized security posture management.
• Amazon GuardDuty – intelligent threat detection.
• AWS Config – resource compliance and configuration tracking.
• AWS CloudTrail – audit logging and activity monitoring.
• AWS IAM & Access Analyzer – identity and access management.
• Amazon Inspector – automated vulnerability scanning.
• HashiCorp Vault – secrets management.
• SonarQube / Snyk / Checkmarx – code security scanning.
• Twistlock / Aqua Security – container security.
• Splunk / ELK Stack / Datadog – security monitoring and log analysis.

Preferred Qualifications:

• Experience with compliance frameworks (ISO 27001, SOC 2, HIPAA, GDPR).
• Knowledge of Zero Trust architecture and micro segmentation.
• Exposure to multi-cloud environments (Azure, GCP).
• Strong communication and presentation skills.
• Experience leading cloud security audits and assessments.

Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.

This commitment includes our efforts to provide for all those who seek to express interest in employment the opportunity to participate without barriers. If you are a US job seeker unable to review the job opportunities herein, or cannot otherwise complete your expression of interest, without additional assistance and would like to discuss a request for reasonable accommodation, please contact our Global Recruiting organization at GlobalRecruiting@unisys.com or alternatively Toll Free: 888-560-1782 (Prompt 4).  US job seekers can find more information about Unisys’  EEO commitment here.