Job Title : Cloud Security Engineer/DevSecOps Engineer
Location : Remote
Duration : Long term contract
Note : Looking for consultants with 12+ Years of Experience.
Job Description :
Please find below job description for Security DevSecOps position. 100% Remote.
We are looking for an expert Policy Development candidates with OPA/Rego, Cloud Custodian (C7N) etc. background.
Key Responsibilities:
CI/CD Integration: Design, implement, and maintain CI/CD pipelines with a focus on integrating Policy as Code (PaC) to ensure compliance and security.
Policy Development and Management: Write, review, and maintain Rego policies, ensuring best practices such as modularity, clear metadata, and easy remediation.
Secure DevOps Processes: Develop and enforce secure DevOps processes and practices within deployment pipelines.
Custom Metadata and APIs: Develop and utilize APIs to pull in external custom metadata to enhance PaC rule testing.
AWS Expertise: Leverage AWS services (IAM, EC2, Lambda, ECS, DynamoDB, RDS, S3, EBS) to build and maintain scalable and secure cloud infrastructure.
Serverless Architecture: Implement and manage serverless functions in AWS to run Rego policies and other serverless solutions.
Anomaly Detection: Develop and implement anomaly detection policies, e.g., identifying patterns such as VMs failing at specific times.
Wiz Integration: Utilize Wiz for policy management, including writing custom Rego policies and adapting out-of-the-box policies to fit organizational needs.
Automation and Testing: Implement automated testing frameworks (ATDDs) for Infrastructure as Code (IaC) using Terraform/CFT and ensure robust testing coverage.
Observability and Troubleshooting: Utilize observability tools (Splunk, New Relic) and AWS native tools (CloudTrail, CloudWatch) for monitoring and troubleshooting.
Collaboration and Mentoring: Work closely with other teams to promote best practices, mentor junior engineers, and facilitate knowledge sharing.
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.
—
You received this message because you are subscribed to the Google Groups “Daily” group.
To unsubscribe from this group and stop receiving emails from it, send an email to dailyrequest+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dailyrequest/a90d56eb-4287-44d2-a9ac-516e5f5ba09fn%40googlegroups.com.