DevOps Engineer

HNM Solutions
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Tech stack

Amazon Web Services (AWS)
Software System Penetration Testing
Cloud Computing
DevOps
GitHub
Identity and Access Management
Network Security
Routing
Scrum
Role-Based Access Control
Data Logging
Firewalls (Computer Science)
GitLab
CloudFormation
CloudWatch
Terraform

Job description

Managing, improving, and monitoring the AWS security posture of the Atlas environment

Implementing and maintaining AWS Data Perimeter measures

Advising teams on secure-by-design architecture

Performing security reviews, threat modeling, and risk analyses

Supporting incident response and forensics

Developing and improving security policies, baselines, and guardrails

Collaborating with Cloud Engineers, POs, and Security teams to mitigate risks

This is what you will be doing

Designing, improving, and automating AWS security controls (Organizations/SCPs, IAM Identity Center, KMS, Config, CloudTrail, Security Hub, GuardDuty).

Network security: contributing to policy and implementation around AWS Network Firewall (Exit Gateway), routing, and VPC segmentation; setting up runbooks and monitoring.

Secrets management and evidence: demonstrably setting up rotation policies, RBAC access, and audit logs; documenting and evidencing controls (e.g., CRY.1.4/CRY.1.5).

Working on Account Vending and building blocks (Terraform modules) so that new accounts comply with the Security Baseline by default.

Incident and vulnerability handling: classifying, triaging, and following up on alerts (including container runtime protection), together with customer teams.

Enablement & advice: helping teams make security-conscious choices, sharing knowledge, and driving improvement initiatives in a scalable platform environment.

Collaborating and sharing knowledge

You will work closely with our Product Owner and Scrum Master and coordinate regularly with other ITF teams. You will organize knowledge sessions, write guides, and work in pairs with engineers from customer teams to create security by design. (Collaboration with other teams, including Base64/Watchdog, occurs regularly around network and core services.)

What energizes you

Making complex platform issues simple and reliable with a real impact on the energy transition.

Automating security: policies, controls, and evidence as code (Terraform).

Requirements

Do you have experience in Terraform?

At least 5 years of experience with AWS security in enterprise/multi-account environments

In-depth knowledge of:

IAM, SSO, permission boundaries, identity federation

KMS, encryption standards, secrets management

GuardDuty, Security Hub, Detective, Config, CloudTrail

SCPs, Control Tower guardrails, multi-account governance

Data perimeter (preferred)

Experience with IaC security (Terraform best practices, drift detection, policy-as-code)

Experience with incident response in cloud environments

Preferred: pentesting/red teaming experience

Tooling & technical skills

Terraform, CloudFormation

GitLab/GitHub CI/CD

CloudWatch, logging, monitoring

Security tooling within AWS (GuardDuty, Detective, Config, etc.)

Soft skills

Strong in documenting, challenging, and advising

Able to translate complex security risks into concrete actions

Strong communication skills with both engineers and management

Proactive, critical, and ownership-driven
