DevSecOps Engineer
mccain
Job Description
- Design, implement, and maintain secure, enterprise‑grade CI/CD pipelines
- Define and evolve Build & Release best practices with traceability and auditability
- Implement automated build, test, release, and deployment pipelines
- Integrate SAST, DAST, IAST, and OSS security tools into CI/CD workflows
- Enable automated change management from Dev to Production
Cloud & Infrastructure
- Build and operate highly available, fault‑tolerant cloud infrastructure
- Automate infrastructure using Terraform, Ansible, and GitOps practices
- Work across GCP and AWS (Azure exposure is must have)
- Integrate applications into public, private, and hybrid cloud environments
- Implement configuration management to standardize environments
Containers & Platforms
- Design and manage containerized platforms using Docker & Kubernetes
- Support Kubernetes environments (GKE, Helm, kubectl)
- Act as a technical expert on containerization and cloud-native architectures
Security, Monitoring & Reliability
- Embed DevSecOps quality gates, SLOs, and compliance controls
- Integrate monitoring and observability using Grafana, Prometheus, ELK, Splunk
- Enable self-healing and automated remediation mechanisms
- Partner with Cloud Infrastructure & Security teams to enforce standards
Collaboration & Ownership
- Work with cross‑functional agile teams to improve developer productivity
- Translate non‑functional requirements into scalable technical designs
- Own the technical design and implementation of DevSecOps platforms
- Create documentation, standards, and reusable automation frameworks
Required Skills & Experience
Core Experience
- 6+ years of experience in DevSecOps / DevOps / Platform Engineering
- Strong hands‑on experience with:
- CI/CD tools: Jenkins, Azure DevOps, GitHub Actions, Bamboo
- Source control: GitHub, GitLab, Bitbucket
- IaC & Automation: Terraform, Ansible, Groovy, Shell scripting
- Containers & Orchestration: Docker, Kubernetes (GKE preferred)
- Experience with JFrog Artifactory & SonarQube
- Solid Linux experience (Ubuntu, RHEL, Debian)
Cloud & Security
- Hands‑on experience with GCP and/or AWS (Azure is a plus)
- Experience implementing DevSecOps security tools in pipelines
- Understanding of networking fundamentals (TCP/IP, DNS, SSL, HTTP)
- Experience with high‑availability and distributed systems
Programming & Ways of Working
- Scripting or programming experience: Python, Bash, Java (basic)
- Experience with Agile / DevOps methodologies
- Exposure to GitOps, Flux CD, GitHub Security, Copilot is a plus
- Strong problem‑solving and communication skills