Purpose of the Position:

We are seeking an AWS DevSecOps Engineer with a strong background in Terraform development, AWS cloud infrastructure, and security best practices. This individual will play a pivotal role in driving automation, infrastructure-as-code (IaC), and security-as-code within our cloud environments, leading the implementation of automation and CI/CD. The ideal candidate will have hands-on experience implementing and maintaining secure cloud infrastructures using Terraform, AWS services, and DevSecOps practices.

Tasks

• Lead the DevSecOps team to design, implement, and optimize automated, secure cloud infrastructure and application delivery pipelines.
• Develop and enforce security standards, best practices, and policies across all cloud and infrastructure activities.
• Collaborate with development, operations, and security teams to ensure the alignment of security practices with business goals.

Terraform development:

• Design, implement, and manage Terraform modules for AWS infrastructure provisioning and configuration.
• Ensure reusable, scalable, and secure Terraform code to automate the creation, scaling, and management of AWS resources.
• Perform version control, testing, and modularization of Terraform code to maintain consistency and reduce technical debt.

Cloud security:

• Integrate security practices directly into the CI/CD pipeline, ensuring secure software delivery through automated security testing and vulnerability scanning.
• Implement and enforce security best practices for identity management, access control, and network security within AWS environments.
• Use AWS services like CodeDeploy, Auto Scaling, CloudFormation, IAM, Elastic Container Service,
• GuardDuty, Inspector, KMS, etc., to manage and improve the security posture of the infrastructure.

CI/CD pipeline development and maintenance:

• Build and manage CI/CD pipelines using AWS tools (e.g., CodePipeline, CodeBuild, CodeDeploy), and Terraform.
• Ensure pipeline automation for faster and more reliable releases while maintaining a high security standard.

Collaboration and mentorship:

• Work closely with cross-functional teams to build secure and efficient cloud solutions.
• Provide technical leadership and mentorship to junior engineers and developers.
• Stay up to date with industry trends and evolving AWS and security technologies.

Monitoring and compliance:

• Implement infrastructure monitoring, logging, and alerting systems to ensure the security, performance, and health of the infrastructure.
• Ensure compliance with relevant industry standards and regulations (e.g., GDPR, CCPA, etc.) in the cloud infrastructure.

Incident response and risk management:

• Lead incident response activities related to cloud infrastructure and security breaches.
• Conduct security risk assessments and vulnerability assessments to identify and mitigate risks to the cloud environment.

Required Skills and Qualifications

• Minimum of 5-7 years of experience in DevSecOps, with a strong focus on AWS cloud environments.
• 3+ years of experience in Terraform development and infrastructure automation.
• Strong experience with AWS services such as EC2, S3, IAM, Lambda, VPC, RDS, SQS, and CloudWatch.
• Expertise in cloud security best practices, including IAM, encryption, vulnerability scanning, and threat detection.
• Strong proficiency in Infrastructure-as-Code (IaC) using Terraform (CloudFormation is a plus).
• Proficiency in DevSecOps tools like Jenkins, GitLab CI, or similar.
• Familiarity with AWS security tools (GuardDuty, Inspector, KMS, etc.) and general security concepts.
• Knowledge of CI/CD pipeline automation, security testing, and deployment tools.
• Experience with version control systems (Git, Bitbucket, GitHub).
• Experience with monitoring and logging tools (e.g. Datadog, CloudWatch, Splunk).
• Strong scripting skills (Bash, Python, Shell, etc.) for automation.
• Experience with containerization and orchestration technologies (Docker, Kubernetes, ECS, EKS).
• AWS Certified Solutions Architect – Professional
• AWS Certified DevOps Engineer – Professional