Job Description
DevSecOps Lead Engineer
Charlotte, NC (Hybrid)
Need Locals
USC/GC/H4/GCEAD
Hybrid day one
No Devops engineer, must be expert Devsecops.
Responsibilities:
1. Security Integration: - Collaborate with development and operations teams to integrate security practices into the DevOps pipeline. - Implement security controls, vulnerability assessments, and code analysis tools.
2. AWS Infrastructure Management: - Design, deploy, and maintain AWS infrastructure using Infrastructure as Code (IaC) tools like Terraform or AWS Cloud Formation. - Ensure infrastructure is configured securely and efficiently.
3. Automation: - Develop and maintain automation scripts and pipelines for provisioning, deployment, and scaling of AWS resources. - Implement continuous integration and continuous deployment (CI/CD) pipelines with a security focus.
4. Security Compliance: - Ensure AWS environments comply with industry standards and best practices for security. - Conduct security audits and maintain documentation for compliance.
5. Incident Response and Monitoring: - Establish robust monitoring, alerting, and incident response systems within AWS. - Investigate and resolve security incidents in a timely manner.
6. IAM and Access Control: - Manage AWS Identity and Access Management (IAM) policies and access controls. - Implement role-based access control (RBAC) and least privilege principles.
7. Security Training and Awareness: - Promote security best practices and conduct training for development and operations teams. - Stay up to date with AWS security services and features