Über
Candidate should have 10+ year of experience as a DevOps Engineer
Role Description
We are seeking a skilled professional to join our team for a 6-12 month project in Boston, MA. This role involves ensuring the security and efficiency of our software development lifecycle and cloud infrastructure.
Key Responsibilities Secure SDLC Application Security:
Embed security controls at every stage of the software development lifecycle. Conduct threat modeling, secure code reviews, and risk assessments. Implement and interpret results from security tools for development teams. Promote a security-first development culture. CICD Pipeline Security:
Build and maintain secure continuous integration and delivery pipelines. Automate security scanning and policy enforcement in workflows. Integrate secrets management and environment hardening into pipelines. Cloud Infrastructure Security:
Implement Infrastructure as Code security reviews. Validate and enforce cloud security best practices. Deploy and maintain cloud-native security tools. Container and Kubernetes Security:
Build secure container images and manage scanning. Enforce Kubernetes hardening controls. Monitor cluster security posture and remediate vulnerabilities. Security Automation Tooling:
Develop automated scripts using programming languages. Integrate security platforms with workflows. Automate vulnerability management and remediation processes. Compliance and Governance:
Support adherence to security standards and internal policies. Implement guardrails and policy-as-code. Produce audit-ready documentation and reporting. Monitoring and Incident Response:
Integrate security telemetry into environments. Respond to and triage security incidents. Conduct root-cause analysis and implement preventative measures. Required Skills and Qualifications
3-7 years of experience in Cybersecurity, DevSecOps, or Cloud Security roles. Strong programming and scripting abilities. Hands-on experience with CICD tools and automation. Solid understanding of security vulnerabilities. Experience with containers and Kubernetes security. Familiarity with microservices, APIs, and distributed systems. Knowledge of cloud networking, identity, secrets management, and encryption. Preferred Skills
Certifications such as CISSP, CISM, CCSP, or related. Experience with Zero Trust architectures and supply-chain security. Knowledge of infrastructure monitoring and observability. Understanding of serverless security and automated compliance frameworks.
We value diversity and inclusion and encourage applicants from all backgrounds to apply. For immediate consideration, please click APPLY.
Sprachkenntnisse
- English
Hinweis für Nutzer
Dieses Stellenangebot stammt von einer Partnerplattform von TieTalent. Klicken Sie auf „Jetzt Bewerben“, um Ihre Bewerbung direkt auf deren Website einzureichen.