DevSecOps Engineer Senior - Hybrid (Dallas)

Opportunity to join a project in one of the largest beverage distributors in the USA.

Overview

As a DevSecOps Engineer, you will play a pivotal role in shaping our software development lifecycle by integrating security practices seamlessly into our processes. Your technical expertise and leadership will drive the implementation of robust CICD (Continuous Integration and Continuous Deployment) patterns while adhering to industry standards and policies. You’ll collaborate with cross-functional teams, ensuring that our applications are secure, reliable, and efficiently deployed. Here’s an overview of your responsibilities:

Duties And Responsibilities

• Design and implement secure, scalable solutions to address infrastructure and security requirements.
• Champion DevSecOps practices, integrating security seamlessly into the SDLC with tools like SAST/DAST solutions and Infrastructure as Code (IaC) scanning (e.g., Prisma Cloud, SonarQube).
• Identify and implement opportunities for pipeline automation and optimization, driving efficiency and speed.
• Embrace Infrastructure as Code (IaC) using tools like Terraform and Kubernetes to automate and manage multi-cloud deployments (e.g.: AWS, Azure).
• Lead the containerization charge, leveraging Docker and Helm 3 for efficient application packaging and deployment.
• Strong understanding of security concepts, including threat modeling, risk assessment, and vulnerability management
• Proficiency in automation tools, configuration management, and continuous integration and deployment (CI/CD) pipelines. Familiarity with tools like GitHub Actions, ArgoCD, Terraform.
• Expertise in cloud security principles, including secure architecture design and configuration management. Familiarity with popular cloud platforms like AWS, Microsoft Azure
• Implement state-of-the-art artifact management solutions for secure storage and distribution (e.g., Artifactory, Nexus.)
• Implement and maintain robust monitoring solutions (e.g., Prometheus, Grafana) to gain deep insights into application and infrastructure health.
• Integrate and leverage a SIEM tool (Splunk or similar) to collect, analyze, and correlate security-related data from various sources for advanced threat detection and incident response.
• Possess a strong understanding of web server configuration and management (e.g., Apache, Nginx) for optimal performance and security.
• Possess a strong foundation in Unix/Linux administration, including scripting (Bash), user and permission management, and system troubleshooting.
• Foster a collaborative environment, working closely with development, security, and operations teams to ensure seamless software delivery.
• Stay ahead of the curve by researching and integrating the latest DevSecOps trends and methodologies.
• Share your expertise through internal training and knowledge sharing sessions.
• Develop and maintain clear documentation for DevSecOps processes and tools, ensuring consistency and knowledge transfer.
• Troubleshoot and resolve complex issues within the CI/CD pipeline and cloud deployments.
• Keep incident tracking tools updated and document discoveries and concerns.
• Proactive approach to identify and mitigate security risks
• Champion agile methodologies within the DevSecOps workflow, ensuring continuous integration, delivery, and feedback loops.
• Align with Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL).
• Understanding cloud security principles, including secure architecture design and configuration management
• Familiarity with API Security, Container Security
• Experience with cloud technologies for cloud DevSecOps
  
  

Minimum Qualifications

• Bachelor’s degree in Computer Science or Information Technology field
• 4 years of experience in DevSecOps principles and practices.
• Proven track record of designing and implementing secure, automated CI/CD pipelines with modern tools (GitOps, GitHub Actions etc.)
• Deep understanding of Infrastructure as Code (IaC) tools (Terraform, Kubernetes) and multi-cloud environments (AWS, Azure, GCP).
• Deep understanding knowledge of containerization technologies (Docker, Helm).
• Experience with next-generation artifact management solutions (Artifactory, JFrog).
• Experience integrating security best practices and tools (SAST/DAST, IaC scanning) into the SDLC.
• Familiarity with API Security, Container Security, and AWS Cloud Security.
• Knowledge of Prisma Cloud, SIEM, SOC, Nessus, CrowdStrike, or similar services.
• Excellent communication, collaboration, and problem-solving skills.
• Ability to thrive in a fast-paced, dynamic environment.
• Strong scripting skills (Python, Go, Bash).
• Delivers Results
• Teamwork & Collaboration
• Effective communication
• Excellent verbal/written communication skills
• Ability to analyze and solve problems
• Strong attention to detail
  
  

Preferred Qualifications

• Possess expert level industry certification(s) in Azure/AWS
  
  

Specialized Skills And Technologies

• Kubernetes
• Docker
• Terraform
• Helm
• Prisma Cloud / SonarQube
  
  

If you meet the requierements, please apply now! Also, go to talentconnect.ai and take your first interview.

Thanks! And please follow in LinkedIn and stay aware of every new position that we post: https://www.linkedin.com/company/talentconnect-ai