Offer summary

Qualifications:

Bachelor’s degree in Computer Science, Information Security, or related field preferred., Minimum of 4 years' experience in DevOps or related roles, focusing on security and compliance., Proficiency with AWS services such as EC2, S3, RDS, IAM, and WAF., Strong understanding of security principles, best practices, and regulatory requirements..

Key responsibilities:

Design, maintain, and optimize a secure AWS cloud infrastructure while implementing security monitoring tools.

Ensure adherence to CCPA, SOC 2, and related frameworks through audits and documentation of security controls.

Implement Cloudflare security measures and manage DNS and load balancing for reliability.

Establish monitoring systems and create incident response plans while maintaining documentation for audits.

Job description

We are seeking a DevOps Engineer with a strong emphasis on security and compliance to ensure our cloud infrastructure meets regulatory standards such as CCPA and SOC 2. The ideal candidate will be skilled in managing cloud environments (AWS), implementing robust security measures, and collaborating cross-functionally to maintain a secure and scalable cloud architecture.

Benefits and Compensation:

Competitive salary (based on experience and qualifications)
Permanent Work-From-Home position
Quarterly Bonus
Annual Performance Bonus
Paid Time Off

Key Responsibilities:

Security-Centric Cloud Infrastructure Management:

Design, maintain, and optimize a secure AWS cloud infrastructure; implement security monitoring tools and align with regulatory requirements.

Compliance Assurance:

Ensure adherence to CCPA, SOC 2, and related frameworks; conduct audits and close compliance gaps; document security controls and processes.

Cloudflare Security Integration:

Implement Cloudflare WAF, DDoS protection, and zero-trust access; manage DNS and load balancing for optimal reliability.

Server Hardening & Patch Management:

Harden Linux and Windows environments; manage and apply security patches proactively.

Database Security & Encryption:

Implement encryption for data at rest and in transit; configure access controls and auditing mechanisms for Microsoft SQL Server (on-prem and AWS RDS).

Third-Party Integration & Compliance:

Assess and validate third-party tools and integrations (e.g. Vonage, SendGrid) for security alignment and compliance.

Continuous Monitoring & Incident Response:

Establish monitoring systems; create and test incident response plans; utilize Wazuh SIEM or similar tools; coordinate with MSPs on vulnerability management.

Documentation & Reporting:

Maintain detailed documentation to support audits and regulatory reviews; generate compliance reports.

Software Development & OWASP Security:

Deploy environments using Linux, Windows, .NET, JavaScript, C#, and Docker; implement CI/CD processes; integrate OWASP best practices into SDLC; conduct security assessments and code reviews.

Working Hours:

Must be available to work full-time hours and coordinate effectively with distributed team members.

Qualifications:

Bachelor’s degree in Computer Science, Information Security, or related field (preferred)
Minimum of 4 years' experience in DevOps or related roles, with focus on security and compliance
Proficiency with AWS services: EC2, S3, RDS, IAM, WAF
Strong understanding of security principles, best practices, and regulatory requirements
Experience with scripting languages: .NET, JavaScript, C#, and automation tools
Excellent communication and collaboration skills

Required profile