Sr. DevSecOps Engineer
Job Description
Job Title: Senior DevSecOps Engineer
Location: Flexible
Type: Full-Time Contract (40 hours per week)
Role Overview
We are seeking a highly skilled and hands-on DevOps/DevSecOps Engineer to design, implement, and maintain secure, scalable, and highly available infrastructure across AWS and on-premises environments. This role will be responsible for automation, monitoring, security hardening, and disaster recovery, with a strong emphasis on infrastructure-as-code and operational excellence.
The ideal candidate is proactive, automation-driven, and comfortable owning both infrastructure and security responsibilities end-to-end.
Key Responsibilities
Infrastructure & Automation
• Design and manage AWS infrastructure using Infrastructure-as-Code (Terraform)
• Automate configuration management and deployments using Ansible
• Support hybrid environments (AWS + on-prem data center infrastructure)
• Build and maintain CI/CD pipelines for application and infrastructure deployments
Security & DevSecOps
• Implement and manage security tools and controls including:
◦ AWS GuardDuty, WAF, IDS/IPS (e.g., FortiGate)
◦ DLP (Data Loss Prevention) solutions (Macie)
• Manage secrets using AWS Secrets Manager and HashiCorp Vault
• Implement and automate certificate lifecycle management (especially on-prem via Ansible)
• Establish vulnerability management processes and automated reporting (both AWS and on-prem)
• Design and enforce patch management processes across environments (both AWS and on-prem)
• VPN management (set up VPN tunnels, troubleshoot VPN issues)
Identity & Access Management
• Integrate and manage SSO solutions (Okta)
• Enforce least privilege access controls across systems using IAM roles
Disaster Recovery & Business Continuity
• Design and implement disaster recovery (DR) strategies
• Conduct DR testing and ensure RTO/RPO objectives are met
Monitoring, Alerting & Reliability
• Implement and manage monitoring/alerting using tools such as CloudWatch/New Relic
• Ensure system availability and performance
• Set up proactive alerting for applications, APIs, and infrastructure
• Lead incident response and root cause analysis
Technical Requirements
Must-Have Skills:
• Strong hands-on experience with AWS (ECS, networking, security, CloudWatch, Aurora RDS)
• Expertise in Terraform (infrastructure provisioning at scale)
• Experience with Ansible for automation and configuration management
• Experience with monitoring tools such as New Relic and CloudWatch
• Strong understanding of security best practices in cloud and hybrid environments
• Experience with:
◦ AWS Secrets Manager
◦ HashiCorp Vault
◦ Ansible automation
• Hands-on experience with:
◦ WAF, IDS/IPS, GuardDuty, FortiGate (or similar)
◦ Vulnerability management and patching processes (Nessus Pro)
• Experience implementing SSO solutions (Okta)
• Familiarity with DLP tools and implementations
Programming/Scripting:
• Proficiency in Python and Java
• Strong scripting skills (Bash or similar)
Nice-to-Have
• Experience in healthcare or compliance-driven environments (HIPAA, SOC 2, HITRUST)
• Experience with containerization (Docker, ECS)
• Experience with SIEM tools and centralized logging
Key Traits
• Hands-on and execution-focused (not just architectural)
• Strong automation mindset
• Security-first approach (DevSecOps mentality)
• Ability to work across teams (Development, Operations, Security)
• Comfortable working in both cloud and on-prem environments