DevSecOps Engineer with cloud expertise

- Conduct vulnerability assessments and penetration tests across web applications, networks, Azure configurations, and WordPress environments. - Evaluate Azures security posture by analyzing identity and access policies, network security groups, storage exposure, and compliance gaps. - Regularly perform both automated and manual scans on websites and network infrastructure to identify vulnerabilities and misconfigurations. - Develop and maintain Python-based automation tools for ongoing security scans, reporting pipelines, and tracking remediation actions. - Document assessment findings with clear severity ratings and practical remediation steps tailored to our small engineering team. - Monitor threat intelligence and proactively evaluate emerging vulnerabilities relevant to our environment. - Design and apply automated security scanning within our CI/CD pipeline, including SAST, DAST, dependency checks, secrets detection, and container scanning, ensuring minimal alert fatigue. - Build and sustain infrastructure-as-code for secure and scalable deployments across development, staging, and production environments. - Set secure defaults for secrets management, credential rotation, and access controls to avoid hindering developer workflow. - Facilitate threat modeling sessions to convert findings into prioritized, automated security pipeline controls. - Act as the teams internal security educator, helping engineers comprehend the principles behind security controls rather than only the procedures. - Assist the team in cultivating secure coding practices that seamlessly integrate into their daily routines. - Contribute to HIPAA and SOC 2 compliance from a hands-on technical perspective. - Maintain documentation of security architecture and decisions to ensure the entire team understands the rationale and trade-offs involved.