Job Details
Client: SGWS
Job Title: DevSecOps Engineer
Location: Dallas, TX (Onsite)
As a DevSecOps Engineer, you will play a pivotal role in shaping our software development lifecycle by integrating security practices seamlessly into our processes. Your technical expertise and leadership will drive the implementation of robust CI/CD (Continuous Integration and Continuous Deployment) patterns while adhering to industry standards and policies. You'll collaborate with cross-functional teams, ensuring that our applications are secure, reliable, and efficiently deployed. Here's an overview of your responsibilities:
Duties and Responsibilities
Design and implement secure, scalable solutions to address infrastructure and security requirements.
Champion DevSecOps practices, integrating security seamlessly into the SDLC with tools like SAST/DAST solutions and Infrastructure as Code (IaC) scanning (e.g., Prisma Cloud, SonarQube).
Identify and implement opportunities for pipeline automation and optimization, driving efficiency and speed.
Embrace Infrastructure as Code (IaC) using tools like Terraform and Kubernetes to automate and manage multi-cloud deployments (e.g., AWS, Azure).
Lead the containerization charge, leveraging Docker and Helm 3 for efficient application packaging and deployment.
Strong understanding of security concepts, including threat modeling, risk assessment, and vulnerability management
Proficiency in automation tools, configuration management, and continuous integration and deployment (CI/CD) pipelines. Familiarity with tools like GitHub Actions, ArgoCD, Terraform.
Expertise in cloud security principles, including secure architecture design and configuration management. Familiarity with popular cloud platforms like AWS, Microsoft Azure
Implement state-of-the-art artifact management solutions for secure storage and distribution (e.g., Artifactory, Nexus).
Implement and maintain robust monitoring solutions (e.g., Prometheus, Grafana) to gain deep insights into application and infrastructure health.
Integrate and leverage a SIEM tool (Splunk or similar) to collect, analyze, and correlate security-related data from various sources for advanced threat detection and incident response.
Possess a strong understanding of web server configuration and management (e.g., Apache, Nginx) for optimal performance and security.
Possess a strong foundation in Unix/Linux administration, including scripting (Bash), user and permission management, and system troubleshooting.
Foster a collaborative environment, working closely with development, security, and operations teams to ensure seamless software delivery.
Stay ahead of the curve by researching and integrating the latest DevSecOps trends and methodologies.
Share your expertise through internal training and knowledge sharing sessions.
Develop and maintain clear documentation for DevSecOps processes and tools, ensuring consistency and knowledge transfer.
Troubleshoot and resolve complex issues within the CI/CD pipeline and cloud deployments.
Keep incident tracking tools updated and document discoveries and concerns.
Proactive approach to identify and mitigate security risks
Champion agile methodologies within the DevSecOps workflow, ensuring continuous integration, delivery, and feedback loops.
Align with Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL).
Understanding cloud security principles, including secure architecture design and configuration management
Familiarity with API Security, Container Security
Experience with cloud technologies for cloud DevSecOps
Minimum Qualifications
Bachelor's degree in Computer Science or Information Technology field
4+ years of experience in DevSecOps principles and practices.
Proven track record of designing and implementing secure, automated CI/CD pipelines with modern tools (GitOps, GitHub Actions, etc.).
Deep understanding of Infrastructure as Code (IaC) tools (Terraform, Kubernetes) and multi-cloud environments (AWS, Azure, Google Cloud Platform).
Deep knowledge of containerization technologies (Docker, Helm).
Experience with next-generation artifact management solutions (Artifactory, JFrog).
Experience integrating security best practices and tools (SAST/DAST, IaC scanning) into the SDLC.
Familiarity with API Security, Container Security, and AWS Cloud Security.
Knowledge of Prisma Cloud, SIEM, SOC, Nessus, CrowdStrike, or similar services.
Excellent communication, collaboration, and problem-solving skills.
Ability to thrive in a fast-paced, dynamic environment.
Strong scripting skills (Python, Go, Bash).
Delivers Results
Teamwork & Collaboration
Effective communication
Excellent verbal/written communication skills
Ability to analyze and solve problems
Strong attention to detail
Preferred Qualifications
Possess expert level industry certification(s) in Azure/AWS
Specialized Skills and Technologies
Kubernetes
Docker
Terraform
Helm
Prisma Cloud / SonarQube
Physical Demands
Travel up to 50%
Participate in 24 x 7 on call rotation
Physical demands with activity or condition for a considerable amount of time include sitting and typing/keyboarding using a computer (e.g., keyboard, mouse, and monitor) or adding machine
Physical demands with activity or condition for an occasional to rare amount of time may include walking, bending, reaching, standing, and stooping
May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs