Senior AWS Cloud DevSecOps Engineer

NewVison


Job Location:

Pune - India

Monthly Salary: INR 2000000 - 3000000
Posted on: 4 days ago
Vacancies: 1 Vacancy

Job Summary

Total Experience:8 years

Relevant Experience:5 years (min. 2 yrs in lead/architect capacity)

Primary Platform:Amazon Web Services (AWS)

Engagement Type:Enterprise production multi-region regulated cloud environments

Required Certification:AWS Certified DevOps Engineer Associate or Professional(minimum requirement for this senior role)

ABOUT THE ROLE & ORGANISATION

Together with our client we are building a secure enterprise-grade AWS platform that supports critical business operations at scale where reliability security and delivery speed directly impact outcomes.

Our DevSecOps team owns the infrastructure lifecycle including IaC CI/CD Kubernetes observability security and developer experience in close partnership with engineering security and operations teams.

ROLE OVERVIEW

The Senior AWS Cloud DevSecOps Engineer owns secure scalable and highly available AWS infrastructure defining standards reference patterns and delivery direction for the DevOps team.

The role combines platform engineering automation CI/CD observability security and leadership in enterprise regulated environments to improve reliability deployment speed and cloud security.

KEY SKILLS & TECHNOLOGY STACK

Category

Technologies / Tools

Cloud Platform

Amazon Web Services (AWS)

AWS Core Services

EKS API Gateway ALB / NLB CloudFront VPC AWS PrivateLink Secrets Manager KMS SQS SNS Amazon Kinesis S3 RDS / Aurora

IaC & Automation

Terraform (modular remote state env separation) AWS CDK Bash PowerShell Python

CI/CD

AWS CodePipeline CodeBuild CodeDeploy GitHub Actions GitLab CI/CD Jenkins

Containers & K8s

Amazon EKS Helm Docker Fargate Service Mesh (Istio / Linkerd advantage) GitOps: ArgoCD / Flux

Observability

Amazon CloudWatch AWS X-Ray AWS CloudTrail OpenSearch / ELK Datadog / Dynatrace (full-stack APM)

Security & Identity

AWS IAM IAM Identity Center (SSO) IRSA Secrets Manager KMS AWS Config Security Hub GuardDuty Macie Inspector WAF Shield Security Groups VPC Endpoints

Vulnerability Mgmt

AWS Inspector Qualys cloud compliance & posture management tooling

Networking

VPC Subnets Security Groups NACLs Route 53 PrivateLink Transit Gateway ALB / NLB CloudFront

FinOps

AWS Cost Explorer AWS Budgets Compute Optimizer Savings Plans Reserved Instance planning

KEY RESPONSIBILITIES

Cloud Architecture & Platform Ownership

  • Own the AWS DevSecOps roadmap engineering standards and reusable reference patterns.
  • Design Terraform and AWS CDK modules for production-grade multi-region infrastructure.
  • Govern core AWS services including EKS API Gateway ALB/NLB CloudFront VPC PrivateLink Secrets Manager KMS SQS SNS and Kinesis.
  • Standardise infrastructure configuration and environment parity across production staging and development.
  • Apply FinOps practices using AWS Cost Explorer Compute Optimizer Savings Plans and related tooling.

CI/CD & Delivery Engineering

  • Build and operate reusable CI/CD pipelines with AWS CodePipeline CodeBuild CodeDeploy GitHub Actions GitLab CI/CD or Jenkins.
  • Embed security checks such as SAST secret scanning and container image scanning into delivery workflows.
  • Use ArgoCD or Flux for declarative auditable Kubernetes delivery on EKS.

Kubernetes & Container Platform

  • Manage Amazon EKS clusters ingress autoscaling Karpenter and service mesh adoption where applicable.
  • Maintain Helm libraries and containers build pipelines for multi-environment delivery via Amazon ECR.
  • Troubleshoot Kubernetes issues perform root-cause analysis and implement scalable fixes.

Observability & Reliability

  • Drive observability with CloudWatch X-Ray OpenSearch Datadog or Dynatrace for tracing dashboards SLOs and alerts.
  • Define reliability standards error budgets incident response practices and blameless postmortems.
  • Improve reliability and deployment efficiency through proactive monitoring and automated remediation.

Security & Compliance (DevSecOps)

  • Embed security across IAM secrets encryption network controls and CI/CD workflows.
  • Manage cloud security posture using IAM Identity Center IRSA AWS Config Security Hub GuardDuty Macie Inspector WAF Shield and VPC Endpoints.
  • Support vulnerability remediation cloud governance and compliance requirements such as SOC 2 PCI-DSS HIPAA or FedRAMP where applicable.
  • Resolve compute storage IAM and public access findings as part of ongoing cloud security operations.

Leadership & Collaboration

  • Lead and mentor the DevSecOps team while reinforcing ownership standards and continuous improvement.
  • Partner with engineering product security and business stakeholders to improve developer experience and delivery outcomes.
  • Communicate technical trade-offs clearly and maintain practical architecture and platform documentation.

REQUIRED QUALIFICATIONS

  • 5 years in DevOps Cloud or SRE including 2 years in a lead or architect role.
  • Hands-on production AWS experience with EKS API Gateway ALB/NLB CloudFront VPC PrivateLink Secrets Manager KMS SQS SNS and Kinesis.
  • Strong Terraform skills including modular design remote state and environment separation; AWS CDK is a plus.
  • Production Kubernetes experience with Amazon EKS Helm and containerized applications.
  • CI/CD experience with CodePipeline CodeBuild CodeDeploy GitHub Actions GitLab CI/CD or Jenkins.
  • Strong AWS networking security identity scripting troubleshooting and production support skills.
  • Experience in enterprise multi-region AWS environments and ability to explain technical trade-offs to stakeholders.
  • AWS Certified DevOps Engineer Associate or Professional is mandatory.

PREFERRED QUALIFICATIONS

  • Exposure to Azure or GCP alongside AWS.
  • Experience with GitOps Datadog/Dynatrace FinOps vulnerability management or service mesh technologies.
  • Exposure to regulated financial services or global operational environments.
  • Graduate or postgraduate degree or equivalent qualification.

CERTIFICATIONS

Required (Senior Level)

DOP-C02

AWS Certified DevOps Engineer Professional

Mandatory minimum for this role

DVA-C02 *

AWS Certified DevOps Engineer Associate

* Accepted with 3 yrs demonstrated production AWS experience

Strongly Recommended

SAA-C03

AWS Certified Solutions Architect Associate

Core AWS platform breadth

SAP-C02

AWS Certified Solutions Architect Professional

Architect-level depth

CKA

Certified Kubernetes Administrator

EKS cluster operations

Advantageous

SCS-C02

AWS Certified Security Specialty

Deep DevSecOps coverage

TF-003

HashiCorp Terraform Associate / Professional

IaC best practices

CKAD

Certified Kubernetes Application Developer

Complementary to CKA

Datadog / Dynatrace Professional Certification

Observability depth

GitLab / GitHub Actions Certified CI/CD Professional

Pipeline expertise


Required Experience:

Senior IC

Total Experience:8 yearsRelevant Experience:5 years (min. 2 yrs in lead/architect capacity)Primary Platform:Amazon Web Services (AWS)Engagement Type:Enterprise production multi-region regulated cloud environmentsRequired Certification:AWS Certified DevOps Engineer Associate or Professional(minimum ...