Senior DevSecOps Engineer (AWS / Azure)

- 3 years of experience with AWS cloud services (EC2, ECS/EKS, S3, Lambda, RDS, ALB, VPC, IAM) required - 3 years of experience in container technologies (Docker and/or Podman) required - 3 years of experience in CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions, or similar) required - 3 years of experience in Git version control and branching strategies required - 2 years of experience in Infrastructure as Code (Terraform and/or OpenTofu) required - 2 years of experience in Kubernetes orchestration (deployment, scaling, monitoring, troubleshooting) required - 2 years of experience in configuration management (Ansible, Chef, or Puppet) preferred - 2 years of experience in monitoring and observability (Prometheus, Grafana, ELK stack, CloudWatch) preferred - 3 years of experience in DevSecOps practices (security automation, shift-left security) required - 2 years of experience in container security scanning (Trivy, Aqua, Twistlock, Anchore, or similar) required - 2 years of experience in static/dynamic application security testing (SAST/DAST tools like SonarQube, Checkmarx, OWASP ZAP) required - 2 years in integrating security gates into CI/CD pipelines required - 2 years of experience in secrets management (Vault, AWS Secrets Manager, or similar) required - 2 years of experience in vulnerability management and remediation workflows required - 1 year of experience in software composition analysis for dependency scanning (Trivy, Snyk, or similar) preferred - 2 years of experience in security compliance frameworks (NIST, STIG, CIS benchmarks, FedRAMP) required - 2 years of experience in security hardening and baseline configuration required - 2 years of experience in audit logging and security event monitoring required - 2 years of experience in identity and access management (IAM policies, RBAC) required - 2 years of experience in network security (security groups, NACLs, WAF, network segmentation) required - 1 year of experience in certificate management and PKI required - 2 years of experience in security code review practices preferred - 2 years of experience in container and Kubernetes security (Pod Security Standards, Network Policies, image signing) preferred - 2 years of experience in API gateway management preferred - 1 year of experience in ETL platforms (Talend and/or Apigee) preferred - 3 years of experience in scripting languages (Python, Bash, or Go) required - 3 years of experience in YAML/JSON configuration required - Must possess a security-focused mindset and risk assessment skills - Strong problem-solving and troubleshooting abilities required - Ability to balance security needs with development speed necessary - Required cross-functional collaboration with development and operations teams - Essential documentation and knowledge-sharing skills - Communicate security risks clearly to both technical and non-technical audiences - Required incident response capabilities and on-call readiness - Must stay updated on emerging security threats and vulnerabilities - Bachelors degree in Engineering, Information Technology, Computer Science, or related field preferred; relevant experience may substitute for education in some cases - Relevant certification such as AWS Certified Solutions Architect, CKA, Terraform Associate preferred - Security certifications like Security, CISSP, CEH, or similar highly desired - Cloud security certifications including AWS Security Specialty, Azure Security Engineer preferred - Required to sit, type, hear, see, and communicate effectively for extended periods - Capable of lifting/carrying at least 15 lbs - Able to navigate an office environment for supplies and materials as needed - Applicants subject to federal background investigations and must meet eligibility requirements for classified access; active Secret clearance preferred and necessary to maintain - Some travel may be required.