
DevSecOps Engineer
Planitar Inc.
full-time
Location Type: Hybrid
Location: Waterloo • Canada
Salary
💰 CA$125,000 - CA$145,000 per year
About the role
- Secure CI/CD Pipelines: Design, build, and maintain automated security testing within continuous integration and deployment pipelines (incorporating SAST, DAST, and SCA tools).
- Cloud Security Posture: Implement and monitor security controls across our AWS cloud environment, ensuring compliance with industry best practices and frameworks.
- Infrastructure as Code (IaC) Security: Enforce "Security as Code" by implementing automated scanning for Terraform templates to catch misconfigurations before deployment.
- Vulnerability Management: Triage, track, and partner with engineering teams to remediate security vulnerabilities across infrastructure, containers, and applications.
- Threat Modeling & Architecture: Participate in system design reviews and threat modeling sessions to identify potential attack vectors in new features and infrastructure.
- Incident Response: Assist in cloud and application security incident response, including forensic log analysis and mitigation strategy development.
- Advocacy & Training: Evangelize secure coding practices and provide guidance to developers on how to build highly secure, resilient systems.
Requirements
- 3+ years of hands-on experience in DevSecOps, Cloud Security, or a DevOps role with a heavy security focus.
- Strong proficiency in securing AWS environments (e.g., deep knowledge of IAM, VPCs, GuardDuty, Security Hub, AWS WAF, KMS).
- Strong coding/scripting skills in Python and Bash to automate security workflows and integrate APIs.
- Hands-on experience integrating security scanners (e.g., Snyk, SonarQube, Trivy, Checkmarx) into modern pipelines (e.g., GitHub Actions, GitLab CI).
- Proficiency writing and reviewing IaC (Terraform) and utilizing IaC security scanners (e.g., tfsec, Checkov).
- Solid understanding of Docker and Kubernetes security concepts, including image scanning, RBAC, and network policies.
- Practical knowledge of network security fundamentals, including firewalls, zero-trust architecture, VPNs, and TLS/SSL.
- Relevant certifications such as AWS Certified Security – Specialty, CKA/CKS (Certified Kubernetes Security Specialist), or OSCP are a plus.
- Experience with regulatory compliance frameworks (e.g., SOC2, ISO 27001, HIPAA) is a plus.
- Familiarity with SIEM/SOAR tools and centralized logging strategies.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
DevSecOps, Cloud Security, AWS, Python, Bash, Terraform, Docker, Kubernetes, network security, security scanning
Soft Skills
incident response, advocacy, training, collaboration, communication
Certifications
AWS Certified Security – Specialty, CKA, CKS, OSCP