Sr. DevSecOps Engineer GIS & Cloud Security (AWS) - 100% REMOTE (15+Years Exp Required)

Sr. DevSecOps Engineer GIS & Cloud Security (AWS) - 100% REMOTE (15+Years Exp Required)

Posted 1 day ago by 1751357775

Apply
Negotiable
Outside
Remote
USA
Apply
Amazon Web Services (AWS) ArcGIS (GIS Software) Automation AWS Certified Security Specialty AWS Identity And Access Management (IAM) Azure Kubernetes Service Bash (Scripting Language) Business Transformation Certified Ethical Hacker (CEH) Certified Information Security Manager (CISM) Certified Information Systems Security Professional (CISSP) Cloud Computing Cloud Technology Computer Science Container Security Continuous Integration and Continuous Delivery Cyber Security Data Encryption DevOps DevSecOps Docker (Software) Encryption Geographic Information Systems GIS Applications Gitlab Identity And Access Management Information Systems Investments IT Security Architecture Jenkins Key Performance Indicators (KPIs) Kubernetes Management Market Trend Microsoft Azure Multi-Cloud Network Security Python (Programming Language) Scripting Security Engineering Security Testing Software Development Stakeholder Management Terraform Windows PowerShell

Summary: The Sr. DevSecOps Engineer will play a crucial role in securing Geographic Information Systems (GIS) applications as part of a significant business transformation initiative. This position requires extensive hands-on experience with cybersecurity platforms, particularly in cloud security (AWS), and a strong understanding of DevSecOps practices. The ideal candidate will enhance security posture, secure CI/CD pipelines, and ensure compliance throughout the development lifecycle. This role is fully remote and emphasizes collaboration with various teams to promote a security-first mindset.

Key Responsibilities:

  • Work with Elevate (GIS) teams to bake-in security controls part of design and implement secure AWS architectures for GIS applications
  • Provide security best practices for implementing COTS software such as ArcGIS in AWS.
  • Implement and maintain robust security measures & DevSecOps Framework (SHIELD) throughout every phase of development, from planning to deployment and maintenance across CI/CD pipeline. ('Secure by design', 'Secure by default')
  • Implement security policy-as-code (PaC) & Compliance-as-Code (CaC) and integrates continuous security testing within CI/CD pipelines
  • Report on DevSecOps specific security metrics, KPIs, KRIs to track progress and demonstrate the value of security investments aligning with IT, Cyber L1, L2s.
  • Partner with SIOC team to perform code reviews and static analysis to identify security vulnerabilities
  • Validate Identity and Access Management (IAM) policies and roles
  • Secure data at rest and in transit using AWS encryption services
  • Work with stakeholders to implement network security measures, including VPCs, security groups, and NACLs
  • Stay updated on emerging threats, vulnerabilities, and security trends related to AWS, Azure and DevSecOps practices.
  • Promote cybersecurity awareness among developers and stakeholders.
  • Foster a security-first mindset across Elevate application platform teams, promoting shared responsibility for cybersecurity (lead by cyber, owned by all).
  • Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
  • 5+ years of experience in IT security, with at least 3 years focused on DevSecOps, DevOps or Security Engineering roles
  • Extensive hands-on experience with AWS services and security best practices
  • Strong understanding of GIS applications (ArcGIS) and their security requirements
  • Proficiency in scripting languages such as Python, Bash, or Ruby
  • Experience with CI/CD tools (e.g., Jenkins, GitLab CI, or AWS CodePipeline)
  • Knowledge of container technologies and orchestration platforms (e.g., Docker, Kubernetes)
  • Familiarity with infrastructure-as-code tools (e.g., Terraform, CloudFormation)
  • Understanding of security standards and frameworks (e.g., NIST CSF)
  • Excellent communication and collaboration skills
  • Familiarity with the shared responsibility model in cloud environments (AWS, Azure) and hybrid cloud deployments.
  • CISSP, CISM, or DevSecOps-specific credentials are a plus.
  • Strong analytical and problem-solving skills with excellent communication and teamwork abilities.

Preferred Technical Skills:

  • Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks.
  • Knowledge of container security (Docker, Kubernetes)
  • Familiarity with secure software development lifecycle (SDLC) practices.

Soft Skills

  • Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.
  • Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.

Preferred Qualifications:

  • Relevant security certifications (e.g., AWS Certified Security - Specialty, CISSP, CEH)
  • Experience with GIS-specific security challenges and solutions
  • Knowledge of multi-cloud and hybrid cloud security architectures
  • Familiarity with compliance requirements in the GIS industry

Salary (Rate): undetermined

City: undetermined

Country: USA

Working Arrangements: remote

IR35 Status: outside IR35

Seniority Level: undetermined

Industry: IT

Detailed Description From Employer:

Role Name: Sr. DevSecOps Engineer GIS & Cloud Security (AWS)

Location: 100% Remote

Duration: 12+ Months

We are seeking an experienced and proactive DevSecOps Engineer to join our Cybersecurity Application Platform Security Team to secure our Geographic Information Systems (GIS) applications as a part of large business transformation effort Elevate. The ideal candidate will have hands-on experience with cybersecurity platforms, with a deep understanding of cloud security (especially AWS), strong experience with DevSecOps practices, and an understanding of GIS applications to operate the environment securely, enhance security posture, secure CI/CD pipelines and continuously bake-in security and compliance

Key Responsibilities:

  • Work with Elevate (GIS) teams to bake-in security controls part of design and implement secure AWS architectures for GIS applications
  • Provide security best practices for implementing COTS software such as ArcGIS in AWS.
  • Implement and maintain robust security measures & DevSecOps Framework (SHIELD) throughout every phase of development, from planning to deployment and maintenance across CI/CD pipeline. ('Secure by design', 'Secure by default')
  • Implement security policy-as-code (PaC) & Compliance-as-Code (CaC) and integrates continuous security testing within CI/CD pipelines
  • Report on DevSecOps specific security metrics, KPIs, KRIs to track progress and demonstrate the value of security investments aligning with IT, Cyber L1, L2s.
  • Partner with SIOC team to perform code reviews and static analysis to identify security vulnerabilities
  • Validate Identity and Access Management (IAM) policies and roles
  • Secure data at rest and in transit using AWS encryption services
  • Work with stakeholders to implement network security measures, including VPCs, security groups, and NACLs
  • Stay updated on emerging threats, vulnerabilities, and security trends related to AWS, Azure and DevSecOps practices.
  • Promote cybersecurity awareness among developers and stakeholders.
  • Foster a security-first mindset across Elevate application platform teams, promoting shared responsibility for cybersecurity (lead by cyber, owned by all).

Qualifications:

  • Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
  • 5+ years of experience in IT security, with at least 3 years focused on DevSecOps, DevOps or Security Engineering roles
  • Extensive hands-on experience with AWS services and security best practices
  • Strong understanding of GIS applications (ArcGIS) and their security requirements
  • Proficiency in scripting languages such as Python, Bash, or Ruby
  • Experience with CI/CD tools (e.g., Jenkins, GitLab CI, or AWS CodePipeline)
  • Knowledge of container technologies and orchestration platforms (e.g., Docker, Kubernetes)
  • Familiarity with infrastructure-as-code tools (e.g., Terraform, CloudFormation)
  • Understanding of security standards and frameworks (e.g., NIST CSF)
  • Excellent communication and collaboration skills
  • Familiarity with the shared responsibility model in cloud environments (AWS, Azure) and hybrid cloud deployments.
  • CISSP, CISM, or DevSecOps-specific credentials are a plus.
  • Strong analytical and problem-solving skills with excellent communication and teamwork abilities.

Preferred Technical Skills:

  • Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks.
  • Knowledge of container security (Docker, Kubernetes)
  • Familiarity with secure software development lifecycle (SDLC) practices.

Soft Skills

  • Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.
  • Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.

Preferred Qualifications:

  • Relevant security certifications (e.g., AWS Certified Security - Specialty, CISSP, CEH)
  • Experience with GIS-specific security challenges and solutions
  • Knowledge of multi-cloud and hybrid cloud security architectures
  • Familiarity with compliance requirements in the GIS industry

Best Regards,

Chetna

-D

-Fax

Truth Lies in Heart

Apply
Similar Jobs
Loading data...