Lead DevSecOps Engineer
6-month contract can extend another 12 months
Maximus
3 open roles
US Citizen or Green Card
Location: [Princeton NJ/McLean VA or Remote]
Requirements/skillsets
- Containerized workloads with Kubernetes
- Jenkins
- Pipelines
- SonarQube, code coverage, code analysis, AWS, optimization experience, alerting and monitoring of application workloads, and some site reliability engineering. Deployments are a big part of the pipeline work, and Jenkins is a requirement.
- Certs are nice to have but not mandatory
Job Description: We are seeking a highly skilled and experienced Senior DevSecOps Engineer to join our dynamic team. The ideal candidate will have a deep understanding of DevOps principles, security practices, and cloud technologies. The ideal candidate will:
- Play a critical role in integrating security into the software development lifecycle and infrastructure management, ensuring our systems are robust, scalable, and secure.
- Work closely with engineers (development and QA) and architects to deliver high-quality code, via the SDLC process, in a high-performing manner.
- Steer the organization’s DevSecOps strategy, while working with architects and IT service owners to ensure the DevSecOps roadmap supports broader initiatives and security requirements.
- Create comprehensive documentation for automation processes, workflows, and standard operating procedures for educating team members on automation best practices.
The ideal candidate is also expected to be a motivated self-starter with a proactive approach to resolving problems and issues with minimal supervision.
Key Responsibilities:
- Security Integration: Design and implement security measures at every stage of the software development lifecycle, from design to deployment.
- Automation & CI/CD Pipelines: Develop, maintain, and enhance automated CI/CD pipelines, ensuring secure and efficient delivery of applications.
- Cloud & Infrastructure Security: Manage and secure cloud infrastructure (AWS, Azure, GCP), including networking, storage, and compute resources, with a key focus on AWS.
- Compliance & Governance: Ensure compliance with industry standards and regulations (e.g., HIPAA, PCI-DSS, FedRAMP) and implement governance policies.
- Incident Response & Monitoring: Establish and maintain security monitoring, incident detection, and response protocols.
- Collaboration & Mentorship: Work closely with development, operations, and security teams to promote security best practices and mentor junior engineers.
- Risk Assessment: Conduct regular security assessments, vulnerability scans, and penetration testing to identify and mitigate risks.
- Tooling & Technology: Evaluate, deploy, and manage security tools (e.g., SAST, DAST, SIEM) to protect and monitor the environment.
Qualifications:
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
- 10+ years of experience in DevOps, DevSecOps, or a similar role, with a strong security focus.
- AWS Certified DevOps Engineer certification or similar
- Proficiency in cloud platforms (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes) with a key focus on AWS and EKS
- Experience with infrastructure as code (IaC) tools such as Terraform, Ansible, or CloudFormation.
- Proficiency in CI/CD tools like AWS CodePipeline, Jenkins, and Azure DevOps Server.
- Strong knowledge of security frameworks and standards (e.g., NIST, ISO 27001, OWASP).
- Familiarity with programming and scripting languages (e.g., Python, Bash, Go).
- Experience working in an agile environment leveraging the SAFe framework
- Excellent problem-solving skills and the ability to work in a fast-paced, collaborative environment.
- Strong communication skills, with the ability to convey complex security concepts to technical and non-technical stakeholders.
Preferred Qualifications:
- Relevant certifications such as CISSP, CISM, CEH, or AWS Certified Security - Specialty.
- Experience with microservices architecture and API security.
- Strong understanding and working experience with enterprise applications, containerized application workloads
- Strong understanding of networking concepts
- Knowledge of network security principles and technologies (e.g., Firewalls, VPNs, IDS/IPS).
Ankit Pratap Singh | Technical Recruiter | Apetan Consulting LLC
Cell: 347-535-3066 | Email: ankit.p@apetan.com
Corp. Office: 15 Union Avenue, Office # 6, Rutherford, New Jersey 07070
Web link: www.apetan.com