Cloud DevSecOps Engineer

Equity Administrative Services, Inc.
Westlake, United States of America
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Westlake, United States of America

Tech stack

Kubernetes Security
Artificial Intelligence
Amazon Web Services (AWS)
Application Performance Management
Azure
Bash
Cloud Computing
Cloud Engineering
Encodings
CompTIA Security+
Computer Security
Continuous Integration
DevOps
Github
Python
Network Security
Powershell
Prometheus
Zero Trust Network Access
Azure
Runbook
Software Deployment
Software Engineering
SonarQube
Tripwire
Data Logging
Scripting (Bash/Python/Go/Ruby)
Cloud Platform System
Cloud Monitoring
Large Language Models
Grafana
Sonatype
Firewalls (Computer Science)
Gitlab
AI Platforms
Kubernetes
Information Technology
Bicep
Checkmarx
Terraform
Devsecops
Docker
Key Vault
Jenkins
Static Application Security Testing
Dynamic Application Security Testing

Job description

The Cloud DevSecOps Engineer is responsible for building and maintaining secure, scalable cloud infrastructure while embedding security practices throughout the software development lifecycle. This role bridges development, operations, security, and AI/ML teams to ensure applications-including AI-powered solutions-are deployed to production environments efficiently and securely.

Working closely with Software Development, Infrastructure, and Information Security teams, this role designs and implements CI/CD pipelines with integrated security controls, manages cloud environments in Azure and AWS, deploys and secures AI/ML workloads, and ensures production deployments meet security and compliance requirements. The DevSecOps Engineer champions a security-first approach to infrastructure automation and AI governance, serving as a key partner in securing the organization's cloud footprint and emerging AI capabilities., * Designs, builds, and maintains CI/CD pipelines with integrated security scanning (SAST, DAST, SCA, container security)

  • Manages and secures cloud infrastructure across Azure and AWS using infrastructure-as-code (terraform, ARM/Bicep)
  • Deploys applications and AI/ML workloads to production with security controls and compliance requirements embedded
  • Implements and manages container orchestration (Kubernetes, Azure Container Apps) with security best practices
  • Deploys and secures AI services including Azure OpenAI and LLM integrations with appropriate governance controls
  • Develops and enforces security guardrails within pipelines, preventing vulnerable code from reaching production
  • Monitors cloud security posture, remediates misconfigurations, and responds to security incidents
  • Manages secrets, certificates, and encryption keys using vault technologies and cloud-native KMS
  • Implements logging, monitoring, and alerting with security event correlation
  • Develops documentation for deployment processes, security configurations, and runbooks
  • Perform other duties as assigned

Requirements

  • Bachelor's Degree in Computer Science, Information Technology, Cybersecurity, or related field; or equivalent combination of education and experience
  • Minimum 5 years of experience in DevOps, cloud engineering, or infrastructure roles with demonstrated security focus
  • Minimum 3 years of hands-on experience with Azure and/or AWS cloud platforms
  • Experience implementing CI/CD pipelines in enterprise environments (Azure DevOps, GitHub Actions, Jenkins, GitLab)
  • Experience deploying and managing AI/ML services in cloud environments preferred
  • In person interaction that includes actively collaborating with colleagues and participating in team or company meetings

PROFESSIONAL CERTIFICATIONS

  • Azure preferred: AZ-400, AZ-500, or AI-102; AWS DevOps/Security Specialty a plus
  • Security certifications a plus: Security+, CISSP, CCSP

TECHNICAL SKILLS

To be successful in this role, you should have experience with and an understanding of the following:

  • Azure services: App Services, Container Apps, AKS, Key Vault, Entra ID, Azure Policy, Defender for Cloud, Azure OpenAI
  • Infrastructure-as-code: Terraform, ARM/Bicep templates; containerization: Docker, Kubernetes, Helm
  • CI/CD security tooling: SonarQube, Checkmarx, Snyk, Trivy, or similar
  • Scripting: PowerShell, Python, Bash
  • Network security: firewalls, WAF, segmentation, zero trust concepts
  • Monitoring: Azure Monitor, Application Insights, Prometheus, Grafana
  • AI/ML security: LLM governance, prompt injection prevention, data protection for AI workloads

Apply for this position