Jobs · Consulting

Sr DevOps Engineer

Kopius · United States · 5 days ago
RemoteRemoteConsulting$80–$110/hrContract

About the role

Kopius is seeking a skilled, hands-on Sr. DevOps Engineer to join our team leading critical cloud security remediation efforts within a complex, multi-account AWS environment. This role is centered on executing IAM tag fixes, permission right-sizing, and stale-identity/secrets remediation across production pipelines.

Key Responsibilities

  • IAM Remediation Execution: Perform hands-on tag fixes, permission right-sizing, and stale-identity/secrets remediation across multi-account AWS pipelines
  • IAM Policy Management: Design, review, and optimize AWS IAM roles, policies (managed & inline), trust policies, permission boundaries, STS/AssumeRole flows, and Service Control Policies (SCPs)
  • Automation & Scripting: Build and maintain automated remediation scripts using Python + boto3, AWS CLI, and Bash to analyze findings and enforce least-privilege at scale
  • Infrastructure as Code: Implement and deploy remediations directly into application teams' IaC pipelines using Terraform and/or CloudFormation / AWS CDK — no console fixes
  • CICD Pipeline Integration: Integrate security controls and remediation workflows into CI/CD pipelines (GitLab CI, GitHub Actions, Jenkins, AWS CodePipeline) with Git-based change management
  • Access Analysis & Audit: Leverage CloudTrail log analysis, IAM Access Analyzer, and Access Advisor to determine actual usage patterns and validate or dismiss false positives
  • Secrets Remediation: Manage and remediate secrets-related findings using AWS KMS, SSM Parameter Store, and Secrets Manager
  • Cross-Team Collaboration: Work directly with application owners, platform teams, and security stakeholders to align on remediation plans and ensure smooth execution without disrupting workloads
  • Security Posture Monitoring: Utilize CIEM/cloud security tools (Wiz, Prisma Cloud, AWS Config) to assess posture, track remediation progress, and validate outcomes
  • Tagging Strategy: Design and implement enterprise-wide tagging strategies including Attribute-Based Access Control (ABAC) at scale across AWS Organizations

Basic Qualifications

  • Strong written and verbal communication skills, with the ability to present clearly to technical and non-technical audiences
  • Self-motivated, quick learner, and adaptable to new technologies and legacy systems
  • Thrives in a team environment, actively contributes to collaboration, fosters a sense of community
  • Excellent problem-solving and analytical skills, with a keen eye for detail and a proactive approach to issue resolution
  • Strong sense of accountability and ownership over deliverables and outcomes
  • Able to translate security findings into actionable remediations and communicate risk clearly to technical and non-technical audiences
  • Self-directed operator — able to hit the ground running on a time-bound engagement with minimal ramp

Technical Requirements

  • 3–5+ years of hands-on AWS DevOps or cloud engineering experience with a strong focus on IAM, security remediation, and automation
  • Deep, hands-on AWS IAM expertise — roles, policies (managed & inline), trust policies, STS/AssumeRole, access keys, permission boundaries, and SCPs (this is the heart of the role)
  • Proven experience managing identity and access across complex multi-account AWS environments and AWS Organizations
  • Strong Python + boto3 development skills for building remediation tooling, plus AWS CLI and Bash proficiency
  • Hands-on proficiency with Terraform and/or CloudFormation / AWS CDK — critical for pipeline-based remediations
  • Practical experience integrating security and IaC workflows into modern CI/CD pipelines (GitLab CI, GitHub Actions, Jenkins, or AWS CodePipeline) with Git-based change management
  • Ability to analyze usage data, audit logs, and Access Advisor reports using CloudTrail and IAM Access Analyzer to assess actual permissions usage and validate findings
  • Direct experience with account-level SCPs and cross-account role assumptions

Engagement Details

Engagement type: 1099 Independent Contractor
Duration: 18-week contract
Start date: August
Compensation: $80 – $110 per hour, based on experience and qualifications

Note: As an independent contractor, you are responsible for your own taxes, insurance, benefits, and equipment. No employee benefits are provided.

About Us

At Kopius, we're passionate about technology and driven by our partners' potential to make a difference in the world. Our expert teams in digital strategy, design, and engineering are dedicated to solving complex problems and exploring new frontiers. With over 40 active projects and 500+ talented professionals across USA, LATAM, and Europe, we're committed to creatively tackling big challenges and helping our customers stay ahead in a rapidly evolving digital landscape. Join us on this exciting journey of innovation and growth!

Similar jobs

Sr DevOps Engineer

INflow FederalSpringfield, VA· 5 days ago
Engineeringapply on jobs.lever.co

Sr DevOps Engineer

eNcloud Services LLCKaty, TX· 3 days ago
Engineeringapply on encloudservices.com

Sr DevOps Engineer

BAE Systems, Inc.Layton, UT· 5 days ago
Information Technologyapply on jobs.baesystems.com

Sr DevOps Engineer

Rite-HiteMilwaukee, WI· 2 wk ago
Engineeringapply on ritehite.wd12.myworkdayjobs.com

Sr Devops Engineer

SIDRAM TECHNOLOGIESSan Francisco, CA· 5 mo ago
Engineeringapply on candidateportalnew.ceipal.com