DevSecOps Engineer at Softworld Inc
Boston, MA
About the Job
Job Title: DevSecOps Engineer
Location: Boston MA 02110 Hybrid onsite - Tue/Wed/Thu
Onsite Requirements:
- Jenkins
- AWS
- Cloud Security/Terraform
Job Description:
- This role involves designing, implementing, and maintaining secure and robust platform solutions.
- The ideal candidate will have a strong background in systems engineering and security best practices and is comfortable working in a fast-paced and dynamic environment.
Primary Responsibilities:
- Design, develop, and maintain scalable, automated, user-friendly systems, databases, and applications, including platform core infrastructure components such as networking, storage, and compute resources.
- Ensure the platform's security by implementing best practices, security protocols, and regular vulnerability assessments of applications.
Collaborate with cross-functional teams to understand their platform needs and provide technical solutions. - Automate processes to ensure efficiency, reliability, and scalability, including.
- Create and maintain continuous integration and deployment pipelines using GitHub and Jenkins instances.
- Collaborate with quality engineers to integrate functional, performance, and security unit and integration tests into pipelines.
- Create and maintain managed resources provided by cloud service providers, including secrets management, monitoring, logging, security scanning, and other services.
- Work with tooling such as Ansible, Docker, Podman, Packer, Kubernetes, and Terraform to create cloud-based infrastructure utilizing AWS or Azure implementations.
Create automated tests for Infrastructure as Code using Terratest, Container Structure Test, and similar frameworks. - Monitor system performance and identify areas for improvement using standard open-source tools, such as Prometheus, Grafana, and Loki.
- Stay up to date with emerging security threats and protect systems against them. Have experience with processes to scan applications for vulnerability threats and infrastructure.
- Document the design, operation, and troubleshooting of technology platforms and procedures.
- Participate in on-call rotations for system installations outside regular business hours
Skills You Bring:
- A bachelor's degree in computer science, Information Technology, or a related field or equivalent working experience is required. A master's degree is a plus.
- A minimum of five years of experience in DevOps, platform engineering or related information technology experience is required. A focus on security is a plus.
- Ability to automate with various scripting languages (Python, Shell scripting, etc.)
- Experience managing systems using infrastructure as code tools (Jenkins, Terraform, Packer, Ansible)
- Solid understanding of Cloud Computing and DevOps concepts including CI/CD pipelines
- Hands-on Kubernetes skills and knowledge.
- Hands on experience with one or more observability tools (Prometheus, Grafana, ELK/OpenSearch, Datadog, etc.)
- Solid understanding of network protocols, LAN, WAN, SSL, Firewall, Load Balancer, and VPN technologies is a plus.
- Experience with security practices, including end-to-end encryption, network security, data protection, and vulnerability management.
- Proven experience in maintaining scalability and resiliency of complex environment.
- Experienced in Instrumentation with systems skills on building and operating, monitoring, logging, alerting services of distributed systems at scale.
- Experience with configuration management and infrastructure management systems like Ansible, Chef, Docker, CloudFormation.
- Experience with container technologies like Docker and Podman. LWC and containerization orchestration tools like ECS, AKS, EKS preferred.
- Experience with Cloud technologies with cloud providers AWS, Azure, GCP etc.
- Knowledge of AWS Cloud DevOps services such as IAM, VPC, ECS, Lambda, RDS.
- Have a working knowledge of databases, SQL and NOSQL, including database migration tools such as Flyway and Liquibase.
- Solve stack-wide engineering issues related to hardware, software, network, applications, and cloud service providers.
- Coach peers and development teams on how to build highly available systems.
- Work with internal release groups to setup and maintain Non-Prod and Production environments infrastructure and CI/CD efforts.
- Seek out opportunities to develop and improve existing automation processes.
- Troubleshoot and debug CI/CD issues, with a willingness to resolve problems.
- Collect and report on operational metrics for SLA reporting and capacity planning.
- Collect and report on security metrics for security and risk management reporting.
- Strong grasp of Unix-based operating processing systems (Linux).
- Strong containerization technologies experience in hybrid cloud platforms.
- Strong analytical, problem-solving communication and teamwork abilities.
- Experience and capability to build automated tests for Infrastructure as Code tooling with frameworks such as Terratest, Pester, and Container Structure Test.
