DevSecOps Engineer - Up to $9.5k

The ideal candidate should have deep expertise in security best practices, automation, and cloud platforms, with a focus on integrating security into every stage of the SDLC.

Key Responsibilities:

• Infrastructure Provisioning: Setup and manage CI/CD infrastructure, provision and maintain service accounts, mange tokens and certificates for tools/apps/services. Server Maintenance, backup and recovery planning for infrastructures and services
• CI/CD Pipeline Setup & Maintenance: Design, implement, and maintain the CI/CD pipelines, create common build platform; setup Jenkins server/ build agents
• Configuration Management: Configuration and maintenance of the environment
• Monitoring and Logging: Implement pipeline monitoring, alerting and logging to track capacity limit, memory and CPU usage limit; Define and create CI/CD dashboard to track and monitor embedded software build and performance
• Security Integration: Integrate security practices into the SDLC, including vulnerability scanning, code analysis, and compliance checks
• Automation and Scripting: Develop automation scripts and tools to streamline repetitive tasks, improve efficiency, and reduce manual errors in the software development and deployment processes
• Cloud Security: Implement and enforce security best practices for cloud environments, ensuring robust protection of cloud resources and data
• Documentation: Develop and document standard operating procedures

Qualifications:

• Bachelor’s degree in Computer Science, Computer Engineering, Software Engineering, or equivalent
• 7+ years of experience in DevOps with an emphasis on security, preferably prior experience in embedded product development
• Proficiency with DevSecOps tools and technologies such as Jenkins, GitLab, Docker, Kubernetes, Ansible, Terraform, Artifactory
• Excellent knowledge of cloud platforms (AWS, Azure, GCP) and their security configurations.
• Experience in building and maintaining automation playbook using automation technologies such as ansible, python, PowerShell, Chef (ruby) Terraform (HCL), groovy, JavaScript, and other scripting languages
• Hand-on experience in designing, developing and migrating CI/CD pipelines
• Experience in VMware virtualization products such as VMware vSpher, VMware ESXi and VMware vCenter
• Knowledge of security frameworks and standards (e.g., OWASP, NIST, IEC 62443)
• Understanding of network security, data encryption techniques, and secure coding practices
• Problem-solving skills and ability to think creatively to find solutions for complex problems
• Comfortable with Agile methodologies