DevSecOps Engineer
Take2 Consulting, LLC · United States · 3 wk ago
RemoteRemoteEngineeringContract
Responsibilities
- Conduct continuous vulnerability assessments using industry-standard tools (SAST, DAST, SCA, container scanning, IaC scanning).
- Collaborate with engineering and infrastructure teams to remediate vulnerabilities and implement secure-by-default configurations.
- Establish and enforce secure coding guidelines and hardening standards.
- Support incident response activities, including root-cause analysis and containment.
- Partner with SRE and Platform teams to architect secure infrastructure, ensuring adherence to compliance frameworks (e.g., SOC 2, ISO 27001, PCI-DSS).
Qualifications
- Experience with vulnerability scanning tools (e.g., Snyk, Tenable, Qualys, SonarQube, Trivy).
- 5+ years AWS cloud platforms and their native security services.
- 5+ years Linux administration and automation.
- Experience automating workflows using scripting languages such as Python, Bash, or PowerShell.
- Knowledge of NIST 800-53 security and privacy controls.
- Experience with IaC security scanning tools like Checkov, tfsec, or OPA/Conftest.
- Familiarity with SIEM/log analytics platforms such as Splunk, ELK, or Sentinel.
- Experience with secure architecture design, threat modeling, and incident response.
- Knowledge of AWS GovCloud environment specifics and compliance requirements.