Job Title: DevSecOps / Cloud Security Engineer
Location: North Quincy, Massachusetts
Experience Required: 3-7 Years
Position Overview
We are seeking a hands-on DevSecOps / Cloud Security Engineer to embed security across the Software Development Lifecycle (SDLC), CI/CD pipelines, and cloud-native environments.
This role will focus on securing applications, automating security controls, hardening cloud infrastructure, and ensuring compliance with industry security frameworks. The ideal candidate combines strong scripting capabilities with deep expertise in container security, cloud security, and DevSecOps automation.
Key Responsibilities
1. Secure SDLC & Application Security
- Embed security controls across all SDLC phases.
- Conduct threat modeling, secure code reviews, and risk assessments.
- Implement and manage SAST, DAST, and SCA tools.
- Promote secure coding practices aligned with OWASP standards.
2. CI/CD Pipeline Security
- Build and maintain secure CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Azure DevOps).
- Automate security scans and policy enforcement within pipelines.
- Integrate secrets management and environment hardening practices.
3. Cloud & Infrastructure Security
- Conduct Infrastructure as Code (IaC) security reviews using Terraform, CloudFormation, ARM, or Pulumi.
- Enforce security best practices across AWS, Azure, or GCP.
- Deploy and manage cloud-native security tools such as AWS GuardDuty, Azure Defender, or GCP Security Command Center.
4. Container & Kubernetes Security
- Build and scan secure container images using tools like Trivy, Aqua, Clair, or Prisma Cloud.
- Implement Kubernetes hardening controls (RBAC, network policies, pod security standards).
- Monitor and remediate cluster security posture and vulnerabilities.
5. Security Automation & Tooling
- Develop automation scripts and playbooks using Python, Go, Bash, or PowerShell.
- Integrate SIEM/SOAR platforms into CI/CD workflows.
- Automate vulnerability management and remediation processes.
6. Compliance & Governance
- Support compliance with frameworks including:
  - NIST
  - ISO 27001
  - SOC 2
  - PCI-DSS
- Implement policy-as-code using OPA, Conftest, or cloud-native policy engines.
- Produce audit-ready documentation and reporting artifacts.
7. Monitoring & Incident Response
- Integrate security telemetry into pipelines and cloud environments.
- Triage and respond to security incidents related to CI/CD and cloud workloads.
- Conduct root cause analysis and implement preventive controls.
Required Skills & Qualifications
- 3-7 years of experience in Cybersecurity, DevSecOps, or Cloud Security.
- Strong scripting/programming skills (Python, Go, Bash, PowerShell).
- Hands-on experience with CI/CD automation and security tooling.
- Strong understanding of OWASP Top 10, CWE, and CVE vulnerabilities.
- Experience with containers and Kubernetes security.
- Knowledge of microservices architectures and distributed systems.
- Understanding of cloud networking, IAM, secrets management, and encryption.
Preferred Qualifications
Certifications:
CISSP, CISM, CCSP, AWS/Azure Security Specialty, GIAC, or DevSecOps certifications.
Nice-to-Have Experience:
- Zero Trust architectures
- Supply chain security (SBOMs, Sigstore, Cosign)
- Observability and infrastructure monitoring
- Serverless security
- Automated compliance frameworks
Core Competencies
DevSecOps, CI/CD Security, Kubernetes Security, Cloud Security, Infrastructure as Code, SAST/DAST/SCA, Security Automation, Policy-as-Code, Compliance Frameworks