DevSecOps Engineer (Remote)

Role Description

We are seeking a highly skilled and experienced Sr. DevSecOps engineer to join our fast-paced and security-focused team. The ideal candidate will have extensive expertise in GitHub, GitHub Actions, Terraform, AWS, CI/CD processes, TypeScript, and testing frameworks. This role requires someone who can take ownership of projects and drive them to completion with minimal oversight. The successful candidate will thrive in a fast-paced environment, demonstrating excellent problem-solving skills, strong attention to detail, and a focus on maintaining secure systems.

Key Responsibilities

• Project Ownership: Deliver projects to completion. Ensure successful execution of tasks and regular deployments to production.
  
• CI/CD Strategy: Implement, and manage robust CI/CD pipelines using GitHub Actions and Terraform to automate code testing, building, and deployment processes.
  
• AWS Infrastructure: Maintain cloud infrastructure using AWS services such as ECS, ECR, EKS, Cognito, VPC Transit Gateway, and Route53. Ensure best practices in infrastructure-as-code and cloud security.
  
• Terraform Expertise: Utilize Terraform to define and provision AWS resources, ensuring high scalability, availability, and security of cloud environments.
  
• Automation & Optimization: Automate system configurations, software deployments, and infrastructure scaling to optimize workflows and system performance.
  
• Dockerization: Assist software engineers in containerizing their applications using Docker and preparing them to run efficiently on AWS ECS Fargate and EKS Fargate.
  
• TypeScript/JavaScript Support: Work closely with software engineers to support the development of secure, scalable application services using TypeScript and JavaScript frameworks such as NestJS and Next.js.
  
• Test Writing: Guide and assist software engineers and QA team members in writing effective tests using the Jest framework to ensure the reliability and robustness of their applications.
  
• Security & Compliance: Implement DevSecOps best practices, ensuring that all deployments meet the highest security standards. Familiarity with compliance frameworks (e.g., NEST CSF, HIPAA/HITRUST, SOC 2) is a plus.
  
• Monitoring & Troubleshooting: Set up monitoring and alerting for infrastructure and services, proactively addressing performance bottlenecks and security vulnerabilities within software applications and infrastructure.
  
• Collaboration & Communication: Work closely with developers, QA teams, and other stakeholders to ensure smooth, reliable daily deployments to production and fast iterations.
  
• Documentation: Document processes, configurations, and project outcomes to ensure clarity and transparency in all aspects of the DevSecOps lifecycle.
  

Qualifications

• 5+ years of DevOps/DevSecOps experience, with a focus on security, automation, and cloud infrastructure.
  
• Expertise in Terraform for provisioning cloud resources and infrastructure automation.
  
• Expertise with Docker and container orchestration (ECS/EKS).
  
• Expertise experience with AWS services, including ECS, ECR, EKS, Cognito, Lambda, S3, VPC Transit Gateway, and Route53.
  
• Proficiency in Docker, with experience containerizing applications and deploying them on AWS ECS Fargate and EKS Fargate.
  
• Proficiency in GitHub and GitHub Actions, including managing repositories, creating workflows, and automating deployment pipelines.
  
• Proficiency in TypeScript/JavaScript, including experience with frameworks like NestJS and Next.js.
  
• Solid understanding of CI/CD processes and ability to architect scalable, efficient pipelines.
  
• Experience with networking and security in AWS (e.g., VPC, IAM, Security Groups).
  
• Ability to work independently and manage complex tasks in a fast-paced environment with minimal oversight.
  
• Strong problem-solving skills with a focus on security, automation, and efficiency.
  
• Excellent written and verbal communication skills.
  

Nice to Have:

• Familiarity with compliance frameworks such as NEST CSF, HIPAA, SOC 2, or similar.
  
• Experience working in highly secure, regulated environments.