Senior DevSecOps Cloud Engineer

Job#: 3019996

Location: Hybrid (Local candidates only — onsite as required)

Employment Type: Contract

Work Environment: Hybrid schedule with structured on‑site expectations; must provide secure remote work setup

A technology-focused organization is seeking a highly experienced Senior DevSecOps Cloud Engineer to support cloud modernization, security enhancements, and DevSecOps automation across AWS and Google Cloud environments. This role requires expert‑level cloud engineering capabilities, strong security integration skills, and the ability to collaborate with internal development and infrastructure teams.

• Design, implement, and optimize secure, scalable cloud architectures in AWS and GCP.
• Conduct IAM reviews and implement least‑privilege and identity‑hardening strategies.
• Configure and manage cloud‑native security tools such as:
• AWS: GuardDuty, Config, CloudTrail, Security Hub
• GCP: Security Command Center, Cloud Armor, Cloud Logging & Monitoring
• Ensure encryption of data in transit and at rest; manage key lifecycle using AWS KMS and GCP Cloud KMS.

• Build and maintain CI/CD pipelines with embedded security controls.
• Implement automated security testing (SAST, DAST, SCA).
• Integrate security gates into GitHub Actions, Jenkins, GitLab, or comparable CI/CD systems.
• Manage secrets securely using AWS Secrets Manager, GCP Secret Manager, and enterprise vaulting tools.

• Develop and maintain IaC using Terraform, Ansible, and AWS CloudFormation (if needed).
• Implement Policy‑as‑Code using OPA Gatekeeper or Terraform Sentinel.
• Automate provisioning of compute, network, storage, and cloud security components.

• Support containerized workloads using Docker and Kubernetes.
• Perform cluster and workload hardening (Pod Security Standards, RBAC, secure runtime configurations).
• Integrate vulnerability scanning tools (e.g., RiskSense or similar).
• Implement service mesh or zero‑trust networking models as appropriate.

• Configure observability tools including Zabbix, Prometheus, Grafana, CloudWatch, and GCP Logging/Monitoring.
• Build dashboards and configure alerts for performance, security events, and compliance metrics.
• Participate in incident response, threat analysis, and root‑cause investigations.

• Support compliance frameworks including NIST, SOC 2, ISO 27001, and FedRAMP (as applicable).
• Automate audit evidence collection where possible.
• Implement governance guardrails, tagging standards, resource controls, and cloud account hygiene policies.

• Produce detailed architecture diagrams, deployment documentation, and operational runbooks.
• Provide knowledge transfer and cross‑training to internal technical teams on tools, environments, and DevSecOps processes.

• Collaborate with technical leadership, developers, and infrastructure teams on modernization initiatives.
• Recommend process improvements, tooling upgrades, and automation opportunities.
• Deploy and administer hosting environments including Linux/Windows servers, containers, databases, and storage.
• Develop APIs and interfaces that support automated infrastructure provisioning.
• Operate with minimal supervision and adhere to all organizational security and compliance standards.

• 7–10+ years of experience in cloud engineering, DevSecOps, or security engineering roles.
• Expert‑level experience with AWS and GCP cloud services.
• Strong proficiency with IaC (Terraform, Ansible), CI/CD, and automation.
• Hands‑on container security and Kubernetes experience.
• Strong scripting skills (Python, Bash, or similar).
• Ability to work successfully in a hybrid schedule with required on‑site presence.
• Must pass background and security checks as required by the organization.

• Must provide a secure, private, professional remote work setup including:
• High‑speed, secure internet
• Monitors, docking station, keyboard/mouse, and peripherals
• Workspace suitable for focused, uninterrupted work
• Consistent attendance is required; schedule adjustments must be approved in advance.

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at [email protected] or 844‑463‑6178.