DevSecOps Engineer

Role: DevOps Security Engineer
Contract · Remote

About the Role
We are seeking a DevSecOps Engineer to embed security into development and deployment workflows for commercial organizations across multiple industries.

This role focuses on integrating security controls, automation, and monitoring into CI/CD pipelines while working closely with engineering, security, and architecture teams.

This is a remote, contract-based role, suited for engineers who are hands-on, automation-driven, and comfortable operating in modern cloud environments.

Key Responsibilities
• Integrate security controls into CI/CD pipelines (build, test, deploy)
• Implement automated security testing (SAST, DAST, dependency scanning)
• Secure cloud infrastructure using infrastructure-as-code (IaC)
• Collaborate with development teams to remediate security issues early in the SDLC
• Implement secrets management and secure configuration practices
• Support container and Kubernetes security initiatives
• Improve logging, monitoring, and security visibility across environments
• Automate security and compliance checks where possible
• Support incident response from a platform and pipeline perspective

Required Qualifications
• Experience in DevOps, security engineering, or platform engineering roles
• Strong understanding of CI/CD pipelines and modern development workflows
• Hands-on experience with cloud platforms (AWS, Azure, or GCP)
• Working knowledge of application and cloud security fundamentals
• Ability to work independently in a remote, contract-based environment

Technical Skills & Expertise
• CI/CD tools (GitHub Actions, GitLab CI, Jenkins, etc.)
• Infrastructure as Code (Terraform, CloudFormation, or similar)
• Cloud security controls (IAM, network security, encryption, logging)
• Application security tooling (SAST, DAST, SCA)
• Container security (Docker, Kubernetes security fundamentals)
• Secrets management (Vault, cloud-native solutions)
• Monitoring and logging integration
• Scripting and automation (Python, Bash, etc.)

Nice to Have
• Experience with compliance automation (ISO 27001, SOC 2, PCI DSS)
• Exposure to security architecture or threat modeling
• Familiarity with Zero Trust or cloud-native security patterns
• Certifications (AWS Security, Kubernetes, DevOps, Security+)

Soft Skills
• Strong problem-solving and troubleshooting ability
• Clear communication with engineering and security teams
• Automation-first mindset
• Ability to balance delivery speed with security requirements
• Ownership and reliability

Engagement & Compensation
• Engagement Type: Contract
• Work Mode: Fully Remote
• Compensation: Contract-based (dependent on scope of project)