DevSecOps Engineer (Security)

Responsibilities:

Security Monitoring & Incident Response

• Oversee and respond to alerts from AWS GuardDuty, ensuring timely investigation and remediation of incidents.
• Execute security playbooks to handle alerts, and enhance them based on evolving threats and operational insights.

Vulnerability & Patch Management

• Coordinate the identification and application of security patches across GitLab, AWS, and Kubernetes components.
• Ensure that our infrastructure remains resilient to new vulnerabilities through regular patch cycles and proactive risk assessments.

Log Analysis & SIEM Management

• Conduct weekly SIEM reviews to analyze security logs, detect anomalies, and escalate issues as necessary.
• Collaborate with the SecOps team to refine monitoring strategies and alerting thresholds.

Reporting & Documentation

• Prepare monthly SecOps reports summarizing incident trends, response actions, and areas for improvement.
• Maintain and update documentation related to security processes, incident response, and playbooks.

Collaboration & Continuous Improvement

• Work closely with development, operations, and other security teams to integrate security best practices into CI/CD pipelines and cloud deployments.
• Proactively contribute to security strategy discussions, sharing insights and recommendations for enhanced security posture.

Requirements:

• Proven experience managing cloud security, particularly within AWS environments (including GuardDuty, IAM, and other AWS security services).
• Solid background in securing Kubernetes clusters (preferably on EKS) including experience with container security best practices.
• Experience with SIEM tools and log analysis for threat detection.
• Proficiency in applying security patches and vulnerability management across cloud and containerized environments.
• Familiarity with CI/CD pipelines (GitLab or equivalent) and integrating security into DevOps practices.
• Hands-on experience with incident response, including following and refining security playbooks.
• Working knowledge of networking, encryption, and other fundamental security concepts.
• Security certifications for AWS (such as AWS Certified Security – Specialty) and Kubernetes (such as Certified Kubernetes Security Specialist or equivalent) are highly desirable.