Senior DevSecOps Engineer
Job Type: Full-time
Work Location: Remote
You will play a key role in shaping the security posture of our organization and have the opportunity to work on cutting-edge cloud technologies.
Responsibilities:
Design and manage end-to-end CI/CD pipelines with a focus on security: Develop and optimize CI/CD workflows that integrate security checks at each stage, ensuring the security of both infrastructure and application code from development to deployment.
Lead automation initiatives and DevSecOps integration efforts: Spearhead the automation of security testing, vulnerability scanning, and compliance checks across all development processes. Implement and oversee security tools and frameworks that automate threat detection, response, and compliance monitoring.
Ensure infrastructure and applications adhere to security best practices: Regularly audit and review existing infrastructure and application deployments to ensure they meet security benchmarks. Implement and enforce security policies, standards, and best practices across cloud and on-premises environments.
Collaborate with cross-functional teams: Work closely with development, operations, and security teams to ensure seamless DevSecOps integration. Provide guidance on security aspects of the software development process, infrastructure-as-code (IaC), and automated configuration management.
Mentor junior engineers on security-focused DevOps practices: Provide training and mentorship to junior engineers, helping them understand and implement security-first DevOps practices. Encourage a culture of continuous learning and proactive security across the organization.
Monitor and respond to security incidents: Lead the identification and resolution of security issues in the CI/CD pipeline, cloud infrastructure, and production environments. Work alongside security operations teams to ensure quick and effective incident response.
Qualifications:
6-10 years of DevOps/DevSecOps experience.
Expertise in cloud platforms (AWS, Azure, GCP), containerization, and security automation.
Strong scripting and programming skills (Python, Bash, etc.).
Experience with infrastructure-as-code (IaC) tools like Terraform, Ansible, or CloudFormation.
Familiarity with CI/CD tools such as Jenkins, GitLab CI, or CircleCI, and integrating security checks in the pipeline.
Certifications such as AWS Certified DevOps Engineer, Certified Kubernetes Administrator (CKA), Certified Information Systems Security Professional (CISSP), or Certified DevSecOps Professional are a plus.
Benefits:
401(k)
401(k) matching
Dental insurance
Employee assistance program
Employee discount
Flexible schedule
Flexible spending account
Health insurance
Health savings account
Paid time off
Parental leave
Professional development assistance
Referral program
Relocation assistance
Vision insurance
Schedule:
8-hour shift
Monday to Friday
Weekends as needed
Application Question(s):
Are you a U.S. Citizen?
Are you available to work full-time with a flexible schedule, including weekends as needed.
Have you worked with security automation in cloud environments such as AWS, Azure, or GCP?
New Light Technologies Inc. (NLT), an industry-leading cloud, agile software development, cybersecurity, data science, geospatial, research, and development consultancy based in Washington DC. We are continuously hiring for ongoing positions within our team. If your skills and experience align with our needs, we encourage you to apply. We will keep your resume on file for consideration as new opportunities arise that match your qualifications.
