DevSecOps Cloud Engineer AWS & GC

Senior Technical (Use the "Apply for this Job" box below). Technologies Inc

Referrals increase your chances of interviewing at RICEFW Technologies Inc by 2x

Responsibilities Cloud Architecture & Security (AWS & GCP)

• Design, implement, and optimize secure cloud architectures in AWS and GCP
• Conduct IAM reviews and implement least‑privilege access models
• Harden identity boundaries and access controls
• Implement and configure cloud‑native security services, including:
  • AWS Guard Duty, Config, Cloud Trail, Security Hub
  • GCP Security Command Center, Cloud Armor, Cloud Logging & Monitoring
• Ensure encryption of data at rest and in transit
• Manage encryption key life cycles using AWS KMS and GCP Cloud KMS
• Design, build, and maintain CI/CD pipelines with integrated security controls
• Implement automated security testing, including:
  • Static Application Security Testing (SAST)
  • Dynamic Application Security Testing (DAST)
  • Software Composition Analysis (SCA)
• Embed security gates into Dev Ops workflows such as Git Hub Actions, Jenkins, and Git Lab
• Integrate and manage secrets using AWS Secrets Manager, GCP Secret Manager, and enterprise secrets management tools

Infrastructure as Code (IaC) & Automation

• Develop and maintain Infrastructure as Code using Terraform, Ansible, and AWS Cloud Formation
• Implement Policy‑as‑Code using OPA Gatekeeper and Terraform Sentinel
• Automate provisioning and deployment of cloud networking, compute, storage, and security resources

Containers & Security

• Support Docker and Kubernetes‑based workloads and containerized applications
• Implement container and cluster hardening, including Pod Security Standards, RBAC tightening, and secure image/runtime configurations
• Integrate vulnerability management and scanning solutions
• Configure service mesh or zero‑trust networking models where applicable
• Configure and integrate monitoring and observability tools such as Zabbix, Prometheus, Grafana, AWS Cloud Watch, and GCP Cloud Logging & Monitoring
• Build dashboards and alerts for performance, security events, and compliance tracking
• Support incident response activities, including threat analysis and root‑cause investigations

Compliance & Governance

• Support compliance efforts aligned with NIST, SOC 2, ISO 27001, and FedRAMP (if applicable)
• Automate audit evidence collection where feasible
• Implement governance guardrails, tagging standards, and cloud account controls

Collaboration, Documentation & Knowledge Transfer

• Collaborate with technical leadership and internal development teams
• Provide recommendations for process improvements and tooling
• Operate with minimal supervision
• Adhere to security, architectural, and compliance standards
• Deploy and administer application hosting solutions including Windows and Linux servers, containers, databases, and file storage
• Enable Dev Sec Ops  pipeline capabilities such as security gates, CI/CD, testing, and application monitoring
• Optimize and automate infrastructure using Terraform, Ansible, Git Hub Actions, and scripting
• Build interfaces and APIs to facilitate infrastructure usage by development teams
• Produce architecture diagrams, environment documentation, deployment instructions, and operational support documentation
• Provide cross‑training and knowledge transfer to internal teams

Requirements Technical Requirements

• Hands‑on experience with Amazon Web Services (AWS) and Google Cloud Platform (GCP)
• Experience with Dev Sec Ops  automation and CI/CD pipelines
• Experience implementing Infrastructure as Code and automation tools
• Experience with Docker, Kubernetes, and container security
• Experience with cloud‑native security services and monitoring tools

Seniority level:
Mid‑Senior level.

Employment type:

Contract. Job function:
Information Technology. Industries:
Information Services.

#J-18808-Ljbffr