Maverc Technologies

DevSecOps Engineer

Maverc Technologies

contract

Posted on:

Location Type: Remote

Location: FloridaUnited States

Visit company website

Explore more

AI Apply
Apply

Tech Stack

AWSAzureCloudDockerGoogle Cloud PlatformGrafanaJenkinsKubernetesMagentoPrometheusPythonSDLCTerraform

About the role

  • Design, implement, and maintain **secure CI/CD pipelines** for ecommerce applications.
  • Embed **security controls and automated testing** (SAST, DAST, SCA, IaC scanning) into the SDLC.
  • Support cloud-based ecommerce platforms with a focus on **scalability, availability, and performance**.
  • Implement and manage **infrastructure as code (IaC)** using tools such as Terraform, CloudFormation, or ARM.
  • Collaborate with development teams to securely deploy and maintain ecommerce applications and APIs.
  • Ensure secure handling of **payment systems**, customer data, and integrations with third-party vendors.
  • Monitor, detect, and respond to security events within production and non-production environments.
  • Implement and maintain **secrets management**, certificate management, and key rotation.
  • Support compliance efforts related to **PCI DSS**, SOC 2, ISO 27001, or similar frameworks.
  • Perform threat modeling and risk assessments for new ecommerce features and integrations.
  • Improve system reliability through automation, monitoring, and incident response practices.
  • Participate in on-call rotations and support production releases as needed.

Requirements

  • 5+ years of experience in **DevOps or DevSecOps** roles.
  • Hands-on experience supporting **ecommerce platforms**, including **Swell**, Shopify, Magento, BigCommerce, or custom ecommerce solutions.
  • Integrate and manage **Cloudflare services** (WAF, CDN, DDoS protection, Zero Trust access, bot management) to protect and optimize ecommerce applications
  • Strong experience with **CI/CD tools** (GitHub Actions, GitLab CI, Jenkins, Azure DevOps, etc.).
  • Experience securing **cloud environments** (AWS, Azure, and/or GCP).
  • Solid understanding of **web application security** and OWASP Top 10.
  • Experience with **containerization and orchestration** (Docker, Kubernetes).
  • Familiarity with **SAST, DAST, and dependency scanning tools** (e.g., Snyk, Checkmarx, Veracode).
  • Strong scripting skills (Bash, Python, or similar).
  • Experience with monitoring and logging tools (Prometheus, Grafana, ELK/Elastic, Datadog).
  • Understanding of **PCI DSS requirements** and secure payment processing workflows.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
CI/CD pipelinessecurity controlsautomated testinginfrastructure as codeTerraformCloudFormationARMscriptingcontainerizationorchestration
Soft skills
collaborationincident responsemonitoringrisk assessmentproblem-solving
Certifications
PCI DSSSOC 2ISO 27001