Job Openings SecOps/DevOps Engineer

About the job SecOps/DevOps Engineer

SecOps/DevOps Engineer

Overview

Were seeking a highly skilled SecOps/DevOps Engineer to join our technology team. This is a hands-on role at the intersection of security operations, infrastructure engineering, and compliance. The ideal candidate will be as comfortable writing secure deployment pipelines as they are interpreting NIST 800-53 or authoring internal security policies.

You'll help design, implement, and maintain secure systems across our infrastructure while supporting the company's data protection, compliance, and uptime requirements.

Key Responsibilities

  • Build and maintain secure CI/CD pipelines and infrastructure-as-code (IaC) systems.
  • Implement security controls aligned with NIST, CIS, or FedRAMP frameworks.
  • Monitor infrastructure for vulnerabilities, configuration drift, and policy violations.
  • Collaborate with engineering teams to embed security throughout the SDLC.
  • Define, write, and maintain security policies and procedures, particularly around PII protection, access control, and audit logging.
  • Assist in incident response planning and investigation.
  • Perform internal risk assessments and support audits as needed.
  • Automate compliance tasks where possible.

Required Qualifications

  • 3-7 years in a DevOps, Site Reliability, or Security Engineering role.
  • Strong understanding of network security, cloud architectures (AWS, Azure, or GCP), and Linux systems.
  • Familiarity with security frameworks such as NIST, SOC 2, or ISO 27001.
  • Experience handling PII, including data classification and secure data practices.
  • Proven ability to author security documentation, policies, and procedural guides.
  • Proficiency in scripting (e.g., Python, Bash, or Go) and automation tooling (e.g., Terraform, Ansible).
  • Strong Git/GitOps fundamentals and experience with CI tools (e.g., GitHub Actions, GitLab CI).

Preferred (Nice to Have)

  • Certifications like CISSP, GIAC, or AWS Security Specialty.
  • Familiarity with container security (e.g., Proxmox, Docker, Kubernetes, Falco, or Kyverno).
  • Knowledge of SIEM and EDR tools, vulnerability management platforms.
  • Experience with compliance automation tooling.

Who You Are

  • You think in terms of threat modeling and resilience.
  • You're as good at writing as you are at scripting.
  • You're proactive, collaborative, and comfortable driving a security culture.

Or refer someone