DevSecOps Cloud Engineer – AWS & GCP

Responsibilities

Cloud Architecture & Security (AWS & GCP)

• Design implement and optimize secure cloud architectures in AWS and GCP
• Conduct IAM reviews and implement least-privilege access models
• Harden identity boundaries and access controls
• Implement and configure cloud-native security services including:
  • AWS GuardDuty Config CloudTrail Security Hub
  • GCP Security Command Center Cloud Armor Cloud Logging & Monitoring
• Ensure encryption of data at rest and in transit
• Manage encryption key lifecycles using AWS KMS and GCP Cloud KMS

DevSecOps Pipeline Implementation

• Design build and maintain CI/CD pipelines with integrated security controls
• Implement automated security testing including:
  • Static Application Security Testing (SAST)
  • Dynamic Application Security Testing (DAST)
  • Software Composition Analysis (SCA)
• Embed security gates into DevOps workflows such as GitHub Actions Jenkins and GitLab
• Integrate and manage secrets using AWS Secrets Manager GCP Secret Manager and enterprise secrets management tools

Infrastructure as Code (IaC) & Automation

• Develop and maintain Infrastructure as Code using Terraform Ansible and AWS CloudFormation
• Implement Policy-as-Code using OPA Gatekeeper and Terraform Sentinel
• Automate provisioning and deployment of cloud networking compute storage and security resources

Containers & Security

• Support Docker and Kubernetes-based workloads and containerized applications
• Implement container and cluster hardening including Pod Security Standards RBAC tightening and secure image/runtime configurations
• Integrate vulnerability management and scanning solutions
• Configure service mesh or zero-trust networking models where applicable

Monitoring Logging & Incident Response

• Configure and integrate monitoring and observability tools such as Zabbix Prometheus Grafana AWS CloudWatch and GCP Cloud Logging & Monitoring
• Build dashboards and alerts for performance security events and compliance tracking
• Support incident response activities including threat analysis and root-cause investigations

Compliance & Governance

• Support compliance efforts aligned with NIST SOC 2 ISO 2NA01 and FedRAMP (if applicable)
• Automate audit evidence collection where feasible
• Implement governance guardrails tagging standards and cloud account controls

Collaboration Documentation & Knowledge Transfer

• Collaborate with technical leadership and internal development teams
• Provide recommendations for process improvements and tooling
• Operate with minimal supervision
• Adhere to security architectural and compliance standards
• Deploy and administer application hosting solutions including Windows and Linux servers containers databases and file storage
• Enable DevSecOps pipeline capabilities such as security gates CI/CD testing and application monitoring
• Optimize and automate infrastructure using Terraform Ansible GitHub Actions and scripting
• Build interfaces and APIs to facilitate infrastructure usage by development teams
• Produce architecture diagrams environment documentation deployment instructions and operational support documentation
• Provide cross-training and knowledge transfer to internal teams

Requirements

Technical Requirements

• Hands-on experience with Amazon Web Services (AWS) and Google Cloud Platform (GCP)
• Experience with DevSecOps automation and CI/CD pipelines
• Experience implementing Infrastructure as Code and automation tools
• Experience with Docker Kubernetes and container security
• Experience with cloud-native security services and monitoring tools