Full-Time DevSecOps Engineer
Siena is hiring a remote Full-Time DevSecOps Engineer. The career level for this job opening is Expert and is accepting Europe based applicants remotely. Read complete job description before applying.
Siena
Job Title
Posted
Career Level
Career Level
Locations Accepted
Share
Job Details
The role & what you'll be doing:
As a DevSecOps Engineer, you will be a key driver in integrating security practices across our development and deployment pipelines, ensuring that every product we deliver is secure, scalable, and resilient. This role requires both a strategic mindset and hands-on engineering skills to design and implement world-class DevSecOps processes. You will work closely with cross-functional teams to build and maintain highly automated CI/CD pipelines, secure infrastructure, and provide rapid response to security incidents.
- Design & Implement CI/CD Pipelines: Develop, optimize, and maintain CI/CD pipelines that integrate automated testing, security scans, and code deployment, ensuring rapid and reliable software releases.
- Infrastructure as Code (IaC): Lead the implementation of infrastructure as code (IaC) using tools like Terraform, CloudFormation, or AWS CDK, ensuring consistent and scalable environments across all stages of development.
- Security Automation: Automate security checks within CI/CD pipelines, embedding vulnerability management, code analysis, and dependency checks directly into the software development process.
- Cloud Infrastructure Management: Manage secure and scalable cloud environments (AWS, Azure, GCP) to support both production and development needs, optimizing for performance, availability, and cost.
- Monitoring and Logging: Implement advanced monitoring and logging systems to track application and infrastructure performance, security threats, and anomalous behavior, ensuring rapid detection and response to incidents.
- Incident Response and Threat Management: Develop, maintain, and execute incident response plans, including forensics and post-incident reviews, ensuring the ability to detect, respond to, and recover from breaches effectively.
- Disaster Recovery and Resilience: Architect disaster recovery strategies, ensuring that systems have robust backup and restoration processes in place to guarantee high availability and rapid recovery.
- Compliance and Risk Management: Ensure that all systems meet regulatory and compliance standards (e.g., SOC 2, GDPR), working with relevant stakeholders to manage audits and ensure proper documentation.
Join the team if you:
- Have 5+ years experience with DevOps tools such as Jenkins, GitLab CI, and infrastructure automation with Terraform, CloudFormation, or AWS CDK.
- Have 5+ years experience in managing and securing infrastructure on cloud platforms (AWS, GCP, or Azure), with a focus on automation, scalability, and high availability.
- Have expertise in vulnerability management, threat modeling, and security monitoring, with hands-on experience integrating security into CI/CD pipelines.
- Are proficient in automation scripting with languages like Python, Bash, or PowerShell.
- Have experience implementing monitoring solutions and leading incident response teams during security events.
- Have experience with compliance frameworks such as SOC 2, GDPR, ISO 27001, and handling related audits.