DevSecOps Engineer

Job Title: Senior DevSecOps Engineer
Location: St. Cloud MN (onsite for the first 6 months; potential for 1 day remote thereafter)
Employment Type: Permanent (Direct Hire)
Shift: 8:00 AM 5:00 PM
Start Date: ASAP
Immigration Status: U.S. Citizens or Green Card Holders only (No sponsorship available)
Degree: Required (Bachelors degree in Computer Science Software Engineering Information Technology or a related field)
Experience: 5 years in a similar role

The Senior DevSecOps Engineer is responsible for designing implementing and maintaining secure scalable and resilient development and operational processes across the organization. This role drives a securityfirst culture ensuring that both existing and emerging platforms adhere to best practices in security compliance and reliability. The role includes empowering continuous integration and delivery (CI/CD) pipelines automating processes and providing technical leadership in secure coding vulnerability assessment and remediation. This position also serves as a trusted advisor to leadership and key stakeholders sharing best practices and emerging trends in DevSecOps.

• Lead the design implementation and maintenance of CI/CD pipelines integrating security controls at every stage.

• Implement automated testing vulnerability scanning and compliance checks.

• Establish and maintain a robust application and infrastructure security posture (vulnerability scanning threat modeling penetration testing).

• Collaborate with development teams to remediate security gaps promptly.

• Architect and maintain secure cloud environments in Microsoft Azure AWS or Google Cloud.

• Champion best practices for container orchestration (e.g. Kubernetes security network segmentation secure container images).

• Advance automation efforts for provisioning configuration management and infrastructure deployment (Infrastructure as Code).

• Collaborate with crossfunctional teams (developers QA architects and operations) to embed security and DevOps principles in the software development lifecycle (SDLC).

• Mentor junior team members on DevSecOps best practices.

• Implement centralized logging monitoring and alerting solutions.

• Ensure adherence to security and regulatory standards (NIST CSF SOC 2 ISO 27001 PCIDSS HIPAA etc..

• Develop and maintain security policies standards and guidelines in collaboration with management and stakeholders.

• Stay uptodate with emerging trends and technologies in DevSecOps cloud security and application security.

Education:

• A fouryear degree in Computer Science Software Engineering Information Technology or a related field.

Experience:

• 5 years of experience in DevOps DevSecOps or related roles.

• Deep knowledge of security tools and best practices (vulnerability scanning intrusion detection compliance frameworks like NIST CSF SOC 2 ISO 27001 PCIDSS HIPAA).

• Strong background in securing cloud infrastructure and services (Azure AWS Google Cloud).

• Proficiency with containers (Docker Kubernetes) and secure configuration.

• Experience with CI/CD tools (e.g. GitLab Jenkins).

• Familiarity with infrastructureascode tools (Terraform Ansible CloudFormation).

• Experience with logging monitoring and alerting solutions (ELK Stack Prometheus Grafana).

• Strong understanding of application security (OWASP Top Ten SAST/DAST secure coding practices).

Certifications:

• Desired certifications include but are not limited to AWS Certified DevOps Engineer Azure DevOps Engineer Google Cloud Professional Cloud Security Engineer.

• Experience in a family/faithbased work environment.

• Ability to build out security frameworks and mature DevSecOps practices.

• Comfortable working independently and as part of a team.

• This position is primarily performed in an office setting.

• Constant use of a computer (keyboard mouse monitor).

• Regular communication with internal and external customers.

• Benefits: Health dental and vision insurance; 401k retirement savings plan (after 60 days of employment); paid holidays and time off; wellness programs; professional development opportunities.

• Incentives: Performancebased incentives potential for bonuses.

• Work Flexibility: Onsite for the first 6 months potential for 1 day remote thereafter.