Cloud DevOps and Security Lead

Join to apply for the Cloud DevOps and Security Lead role at Telesystem

2 days ago Be among the first 25 applicants

Join to apply for the Cloud DevOps and Security Lead role at Telesystem

• Telesystem is looking for an experienced DevOps Engineer to join our development team. You will play a key role in designing, implementing, managing, and automating the complex, secure, and scalable cloud-native infrastructure and deployment pipelines that power our custom-built CRM, OSS, and BSS platform, tailored to the needs of our telecommunications business. The ideal candidate has a strong foundation in DevOps methodologies, extensive hands-on experience with the AWS ecosystem (including ECS, Terraform), CI/CD automation (Azure DevOps), monitoring (CloudWatch), and a commitment to building reliable, secure, and highly automated systems.
• Work is performed under general supervision and employees are required to exercise considerable initiative and independent judgment in selecting work methods and completing assigned tasks in a timely manner.
• The Cloud DevOps and Security Lead reports directly to the Chief Transformation Officer.
• This position does not have any direct reports.

Position Summary

• Telesystem is looking for an experienced DevOps Engineer to join our development team. You will play a key role in designing, implementing, managing, and automating the complex, secure, and scalable cloud-native infrastructure and deployment pipelines that power our custom-built CRM, OSS, and BSS platform, tailored to the needs of our telecommunications business. The ideal candidate has a strong foundation in DevOps methodologies, extensive hands-on experience with the AWS ecosystem (including ECS, Terraform), CI/CD automation (Azure DevOps), monitoring (CloudWatch), and a commitment to building reliable, secure, and highly automated systems.
• Work is performed under general supervision and employees are required to exercise considerable initiative and independent judgment in selecting work methods and completing assigned tasks in a timely manner.
• The Cloud DevOps and Security Lead reports directly to the Chief Transformation Officer.
• This position does not have any direct reports.

Essential Functions

• Cloud Infrastructure & Deployment Automation
• Design, implement, manage, and automate scalable and secure cloud-native infrastructure within AWS, tailored to support CRM, OSS, and BSS applications for the telecommunications industry.
• Create and maintain automated CI/CD pipelines using Azure DevOps, integrating seamlessly with AWS services to ensure continuous, reliable deployments.
• Deploy, configure, and scale containerized applications effectively using Amazon ECS (Fargate and EC2 modes), ensuring efficient resource management and optimized performance.

• Infrastructure as Code (IaC) & Automation
• Utilize Terraform to provision and manage infrastructure, ensuring consistency, scalability, and rapid deployment capabilities across AWS environments.
• Implement infrastructure auto-scaling mechanisms, configuring AWS Auto Scaling Groups (ASGs) and Application Auto Scaling based on resource utilization metrics.

• Monitoring, Logging & Observability
• Establish comprehensive monitoring and observability solutions using AWS CloudWatch, including setting up detailed metrics, alarms, and dashboards for ECS, Aurora, ALB, SQS, and Redis.
• Perform advanced log analysis and aggregation using CloudWatch Logs Insights or similar tools (e.g., ELK, OpenSearch) to troubleshoot issues and enhance operational visibility.

• Security & DevSecOps Integration
• Integrate security best practices throughout the DevOps pipeline, emphasizing secure secrets management with AWS Secrets Manager and Azure Key Vault.
• Maintain robust IAM policies adhering strictly to the principle of least privilege for roles across the infrastructure.
• Implement security scanning and vulnerability management processes within CI/CD pipelines, leveraging tools such as SonarQube, Snyk, OWASP ZAP, Trivy, and Checkov.

• Database & Caching Operations
• Manage AWS Aurora MySQL clusters, ensuring high availability, optimal performance, backup management, and effective performance tuning using Performance Insights.
• Deploy and manage ElastiCache for Redis clusters, maintaining high performance, security standards (encryption, RBAC), and efficient auto-scaling.

• Cross-Cloud Integration & Collaboration
• Facilitate effective integration and deployment between Azure DevOps and AWS environments, including secure multi-cloud resource management and pipeline configurations.
• Configure and manage secure access across cloud platforms, ensuring seamless interaction between AWS and Azure-hosted services (e.g., Azure OpenAI).

• Technical Collaboration & Documentation
• Actively participate in collaborative sessions with development teams, ensuring smooth infrastructure integration into application architectures.
• Maintain detailed, accurate documentation of infrastructure configurations, automation scripts, security protocols, and operational procedures.

• Continuous Improvement & Troubleshooting
• Proactively identify opportunities for automation, reliability improvements, and cost optimizations within cloud infrastructure.
• Perform detailed troubleshooting, addressing complex issues promptly to maintain high availability, scalability, and reliability of cloud operations.

Education And Experience Requirements

• High school diploma or equivalent – required.
• Bachelor's degree (BA/BS) from four-year college or university – preferred.

• Minimum 5 Years of DevOps Experience - Required
• Proven track record in designing, implementing, managing, and automating complex, secure, and scalable cloud-native solutions, particularly within the AWS ecosystem.
• This experience should encompass the full DevOps lifecycle, including hands-on work with container orchestration (like ECS), infrastructure as code (preferably Terraform), CI/CD pipeline development (especially integrating tools like Azure DevOps with AWS), implementing event-driven architectures (using services like SQS/SNS), integrating security practices throughout the pipeline (DevSecOps), and establishing robust monitoring and observability (CloudWatch).
• Candidates should demonstrate experience managing production environments, troubleshooting intricate issues across distributed systems, and applying best practices for reliability and cost-efficiency.

• Additional Core requirements:
• Cloud Infrastructure Management (AWS Core Services):
• Compute & Containerization: Expert in deploying and scaling containerized applications using Amazon ECS (Fargate and EC2 modes), including managing task definitions, service discovery, and Application Load Balancers (ALB).
• Image Management: Proficient with Amazon ECR, handling container image build pipelines, tagging strategies, and secure image deployment.
• Networking: Deep knowledge of Amazon VPC, including subnet design, routing, Security Groups, NACLs, and VPC Endpoints for secure internal service access.
• Infrastructure Auto Scaling:
• Proficient with AWS Auto Scaling Groups (ASG) for EC2 instances, including launch templates, scaling policies (scheduled, dynamic, predictive), and lifecycle management.
• Skilled in configuring Application Auto Scaling for ECS (Fargate and EC2 modes) based on resource utilization metrics (CPU, memory) and SQS queue depth metrics.

• Monitoring, Logging, and Observability:
• AWS CloudWatch: Deep expertise in defining metrics, dashboards, and alarms for ECS, Aurora, ALB, SQS, Redis.
• Log Aggregation: Experience with CloudWatch Logs Insights, and optionally ELK or OpenSearch.
• Visualization & Alerting: Comfortable with CloudWatch Dashboards or familiarity with Grafana.

• Database Operations (Aurora MySQL):
• Provisioning and managing Aurora clusters, snapshots, backups, and scaling read replicas.
• Configuring Performance Insights to enable database performance tuning.

• Automation & Scripting:
• Proficiency in scripting languages like Bash or Python for automation, custom metrics, tooling integration, and operational workflows.

• Preferred skills:
• Event-Driven Architecture (EDA):
• Experience deploying and maintaining asynchronous messaging workflows using Amazon SQS (Standard/FIFO, DLQs, visibility timeouts) and SNS (topic-based pub/sub, fan-out).
• Caching Layer Expertise (ElastiCache for Redis):
• Strong skills in deploying and managing ElastiCache for Redis, including clustering, performance monitoring, auto scaling, and Redis security (encryption, authentication, RBAC).
• DevSecOps Integration:
• Secrets Management: Experience using AWS Secrets Manager and Azure Key Vault, with secure injection of secrets into CI/CD and runtime environments.
• IAM Security: Strong grasp of least privilege policies for IAM roles (pipeline, ECS tasks, etc.).
• Security Scanning Integration (is a plus): Proficient in implementing:
• SAST: (e.g., SonarQube)
• SCA: (e.g., Snyk)
• DAST: (e.g., OWASP ZAP)
• Container Scanning: (e.g., Trivy)
• IaC Scanning: (e.g., Checkov)
• CI/CD Orchestration with Azure DevOps:
• Experience building complex YAML-based pipelines in Azure DevOps, including multi-stage workflows for building, testing, scanning, and deploying applications to AWS.
• Familiarity with the AWS Toolkit for Azure DevOps, including setting up secure AWS Service Connections and tasks for ECS/ECR.
• Multi-Cloud Integration (AWS Azure):
• Hands-on experience deploying from Azure DevOps to AWS services.
• Secure access to Azure OpenAI from AWS-hosted applications, including:
• Secrets handling across clouds
• Configuring secure network access (IP whitelisting, potential VPN/ExpressRoute familiarity)

Core Competencies

• Agile – Embraces change; adaptable and flexible; sense of urgency;
• Innovative – Uses critical thinking; Creativity; Continuous learning; Challenges the status quo;
• Customer Focused – External/Internal; Creates the exceptional customer experience; demonstrates a sales and service mentality;
• Collaborative – Teamwork, Proactive knowledge sharing, Constructive Conflict;
• Accountable – See it, Own it, Solve it, Do it; Hold each other accountable.

Job Specific Competencies

• Deliver Results – Strategic planning and execution; Makes decisions in the best interest of the Company; Knows and responds to the business climate; Manages ambiguity
• Displays Leadership – Role Model; Communicates vision; possesses Emotional Maturity; Manages Risks; Resiliency; Business Acumen

Other Skills And Requirements

• Possess strong written, interpersonal and verbal communication skills while being respectful, professional and collaborative.
• Be able to effectively communicate with and coordinate communication with users at all levels (ex. functional end users, project team members, IT resources, and management).
• Possess the ability to effectively manage tasks.
• Ability to effectively and independently use Microsoft Office suite of tools and other similar business applications.
• Must be proficient and fluent in the English language.

Working Conditions and Physical Demands

• The Cloud DevOps and Security Lead is a full-time, exempt position, primarily during standard ET business hours Monday-Friday, plus work outside of normal business hours, as needed.
• This is a remote position with no expected travel, although there may be limited gatherings with regional team members from time to time.
• Basic corporate tools: Computer with word-processing, spreadsheet, email and business collaboration programs
• Business communication tools: audio and video solutions
• While performing the duties of this job, the employee is frequently required to sit and talk or hear. The employee is occasionally required to walk; use hands to finger, handle, or feel objects, tools, or controls; and reach with hands and arms.
• 90% sitting at desk, typing on keyboard, viewing computer monitor.
• The employee must occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision and the ability to adjust focus.
• The work environment characteristics described here are representative of those a remote team member should be able to support while performing the essential functions of this job.
• A separate, quiet space, free from distractions and noise. Ideally, a dedicated private area where confidential work discussions can take place via phone or video.
• High-speed internet connection with a minimum bandwidth (ex: 50 Mbps download, 10 Mbps upload) depending on the demands of the position along with the ability to troubleshoot basic internet connectivity issues.
• A comfortable desk and chair supporting good posture, and appropriate lighting to reduce eye strain.
• An uninterrupted power supply (UPS) or access to alternative power in case of outages. Plus, the ability to remain productive during brief power or internet outages, when applicable.
• A presentable background for video calls and virtual meetings (neutral or blurred background).
• Adherence to professional dress codes during video calls.
• Proven ability to stay on track and manage time effectively in a home-based setup.
• Access to an alternative workspace in case home becomes temporarily unavailable.
• The DevOps and Security Lead is required to drive on the job as needed and is subject to regular MVR checks. He/she must maintain a valid driver’s license and maintain a driving record the meets Company standards for an insurable driver at all times. Any time these conditions are not met must not drive on the job and must immediately report it to their Manager.
• The Company is a drug-free workplace. All employees are required to adhere to the Company’s drug-free workplace programs and policies. Pre-employment testing is mandatory.
• The duties assigned, the hours worked, and the status of this position is subject to change as the needs of the company changes.

Use Of Company Resources, Equipment And Confidential Information

Company resources, equipment and information are provided to employees to facilitate work. They may not be used for purposes other than work without proper authorization. Any unauthorized use of company resources, equipment or information is strictly prohibited. Any unauthorized use of customer data or any other company information gained via any company resource is a breach of confidentiality and is strictly prohibited. Any unauthorized use of company resources, equipment information and/or breaches of confidentiality may be cause for termination of employment.

The statements herein are intended to describe the general nature and level of work being performed by employees assigned to this job. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required and may be expanded or changed to include other duties or responsibilities that management may deem necessary from time to time.

#TrustTelesystem

• Mid-Senior level

• Full-time

• Management and Manufacturing
• Industries

Referrals increase your chances of interviewing at Telesystem by 2x