Senior DevSecOps Engineer
Serigor Inc
contract
Posted on:
Location Type: Hybrid
Location: Mechanicsburg • Pennsylvania • 🇺🇸 United States
Visit company websiteJob Level
Senior
Tech Stack
AWSAzureJavaPythonTerraform
About the role
- Build secure-by-default AWS CDK constructs and CloudFormation templates and wire them into CI/CD
- Enforce compliance checks mapped to CJIS and NIST 800-53 and produce auditor-ready evidence
- Develop pipeline security templates in GitHub Actions and Azure DevOps with SAST, SCA, IaC, container, and secret scanning gates
- Implement compliance-as-code in reference accounts: AWS Config rules, Security Hub standards, and GuardDuty routing
- Create IaC reference modules (CDK/CloudFormation) for IAM least privilege, KMS, Secrets Manager, logging, and network baselines; provide Terraform equivalents where required
- Export evidence tying checks to control IDs and generate posture/evidence reports
- Harden CDK/CFT modules and pipeline templates and coach pilot teams to adopt templates
- Raise gaps to enterprise teams for org-level enforcement and escalation
Requirements
- 5+ years AWS security automation and DevOps experience
- Strong with AWS CDK and CloudFormation
- Working proficiency in Terraform
- CI/CD authoring in GitHub Actions and Azure DevOps
- Proficient in Python and Bash; PowerShell for Windows automation
- Able to read Java and C# to integrate and tune SAST/SCA
- Practical knowledge of CJIS and NIST 800-53 control families and how to automate checks and evidence
- Nice to have: EKS/ECS/Lambda hardening patterns
- Nice to have: OPA/Conftest, Checkov, Trivy, Inspector, CodeQL or equivalent
- Basic Azure security automation for future phases
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
AWS CDKCloudFormationTerraformGitHub ActionsAzure DevOpsPythonBashPowerShellSASTSCA
Soft skills
coachingcommunication