DevSecOps Engineer #2404
Position Summary:
Our partner, a healthcare institution that’s focused on developing cutting-edge technology to improve the patient’s overall
digital experience, is seeking a Sr. DevSecOps Engineer to join their team. In this role you will focus on the development and implementation of robust DevSecOps practices, focusing on securing and automating back-end systems while also contributing to the overall infrastructure. The ideal candidate will work closely with development, operations, and security teams to design and build scalable architecture patterns, CI/CD pipelines and containerization processes. You will be instrumental in creating a streamlined and efficient environment from scratch, leveraging AWS and modern frameworks to deliver exceptional experiences while ensuring high availability and performance across all applications.
Experience and Education:
- 5+ years of hands-on experience in DevOps/DevSecOps, with a focus on security, automation, cloud infrastructure, and release management.
- Experience working in a DevOps environment, integrating Terraform into CI/CD pipelines and automation workflows.
- Solid understanding of CI/CD processes and ability to architect scalable, efficient pipelines.
- Experience with the engineering of security tool requirements, trials, and evaluations, as well as security operations procedures and processes.
- Knowledge of testing framework (Jest), with JavaScript or TypeScript.
- AWS Certified DevOps Engineer - Professional
- AWS Certified Solutions Architect - Professional (a plus)
- Knowledge of compliance and regulations related to the industry, HIPAA, GDPR, SOC 2 and PCI-DSS (a plus)
Skills and Strengths:
- AWS
- AWS Six Pillars Framework
- Cloud Infrastructure Management (i.e, Terraform, DNS, Networking, VPC, EC2, Lambda, Ansible, etc.)
- Cloud Native CI/CD tools (i.e, AWS Bamboo, CodeCommit, CodeBuild, CodeDeploy, CodePipeline)
- CI/CD Processes
- CI/CD Pipeline Security
- Docker
- Kubernetes
- Container Security
- Automation Technologies (i.e, Chef, Puppet, Jenkins)
- AWS infrastructure Tools (i.e, ECS, ECR, EKS, Cognito, VPC Transit Gateway, and Route53)
- Infrastructure as Code (IaC)
- Cloud Security Tools (i.e, KMS, AWS IAM, GuardDuty, CloudTrail, AWS Config, CloudWatch)
- Release Management & Deployment processes
- SDLC
- GitHub and GitHub Actions
- Threat Modeling
- Risk Assessment
- Patch Management
- Vulnerability Scanning
- SAST/DAST
- IDS/IPS Solutions
- Cost-Benefit Analysis
Primary Job Responsibilities:
- Design, implement, and manage a robust infrastructure using GitHub Actions and Terraform to automate code testing, building, and deployment processes.
- Analyze and maintain the existing cloud infrastructure using AWS services, identifying and resolving issues related to provisioning, configuration, and performance to ensure optimal scalability.
- Collaborate with the engineering team to containerize applications using Docker, optimizing them for efficient deployment.
- Assist in writing effective tests using the Jest framework to ensure the reliability and robustness of their applications.
- Automate AWS implementation for new cloud computing systems or existing systems migrating to cloud architectures.
- Develop technical roadmaps for future AWS cloud implementations, including detailed analyses of budgets and anticipated benefits.
- Partner with the development team to offer guidance on AWS CI/CD implementations and releases.
- Design and define AWS architecture for a secure cloud computing system.
- Working with internal/external clients to gather and understand security needs.
- Maintain thorough documentation of infrastructure architecture, processes, and configurations to facilitate knowledge sharing and onboarding.
- Stay updated on industry trends, new technologies, and best practices related to Infrastructure as Code (IaC) and cloud services.
- Working within an opensource TypeScript/JavaScript environment is a plus
- Implement DevSecOps best practices and ensure compliance with cloud security standards while collaborating with internal/external clients to understand and address their security needs.