Principal DevSecOps Engineer

As the Principal DevSecOps Cloud Engineer, you will lead and implement DevSecOps strategies within our AWS environment. This role requires an expert understanding of AWS services, cloud security best practices, and infrastructure automation. You will work closely with development, security, and operations teams to architect, secure, and automate scalable cloud solutions.

Responsibilities:

• Lead the design, implementation, and management of secure, scalable AWS cloud infrastructure.
• Establish and enforce DevSecOps best practices, ensuring security is embedded throughout the development lifecycle.
• Develop and manage Infrastructure as Code (IaC) scripts using tools such as Terraform or AWS CloudFormation.
• Automate CI/CD pipelines to support continuous integration, testing, and delivery.
• Integrate security tools and processes within the CI/CD pipelines, focusing on threat detection, vulnerability management, and compliance.
• Monitor and troubleshoot cloud infrastructure, ensuring reliability, performance, and security.
• Collaborate with cross-functional teams to implement and advocate for cloud security standards and practices.
• Provide technical leadership and mentorship to other cloud and DevOps engineers.
• Stay up-to-date with AWS advancements, security trends, and DevSecOps best practices.

Qualifications:

• Bachelor’s degree in Computer Science, Engineering, or a related field (or equivalent experience).
• 7+ years of experience in DevOps, Cloud Engineering, or similar roles, with a strong emphasis on security.
• Extensive experience with AWS services (EC2, S3, Lambda, RDS, IAM, etc.).
• Strong proficiency in Infrastructure as Code (IaC) tools, particularly Terraform or AWS CloudFormation.
• Advanced knowledge of CI/CD tools (Jenkins, GitLab, AWS CodePipeline) and DevSecOps practices.
• Experience with security frameworks and tools (e.g., AWS Security Hub, GuardDuty, CloudTrail, or similar).
• Proficiency in programming/scripting languages such as Python, Bash, or PowerShell.
• Deep understanding of security controls, cloud networking, IAM, and compliance requirements (e.g., GDPR, HIPAA).
• Excellent problem-solving skills and a collaborative mindset.

Preferred Qualifications:

• AWS Certified DevOps Engineer or AWS Certified Security Specialist.
• Experience with Docker and Kubernetes in AWS environments.
• Familiarity with compliance automation and monitoring.