DevSecOps Engineer

Exciting job opportunity for a Senior DevSecOps Engineer to join an innovative, non-profit organization within a prestigious university. This full-time, hybrid position offers the opportunity to work with cutting-edge cloud-based software solutions that support scientific research in fields such as life sciences, physics, and astronomy. You'll be responsible for ensuring the highest level of security for a comprehensive platform and AWS cloud infrastructure, contributing to the research community worldwide, and working with a team of experts in a collaborative environment.

This is an incredible opportunity to join a mission-driven organization dedicated to empowering groundbreaking scientific discoveries. As a Senior DevSecOps Engineer, you will play a pivotal role in integrating security into the entire software and infrastructure lifecycle, ensuring robust, scalable, and compliant cloud solutions for researchers globally. You’ll work with advanced technologies like AWS, containerization, and automation tools, all while helping to shape the future of data management for thousands of researchers. This position offers the chance to grow both professionally and personally, with a hybrid work model and a team that values collaboration and continuous learning, giving you the flexibility and work-life balance you desire.

Required Skills & Experience

• 5-7 years of experience in security, DevOps, or related fields
• Expertise in cloud security, particularly AWS services (e.g., IAM, VPC, EC2, RDS)
• Strong knowledge of security best practices, including threat modeling (STRIDE), risk assessment, and vulnerability management
• Experience with container security (Docker, AWS ECS)
• Strong scripting skills, particularly in Python and Bash, for automation and infrastructure management
• Knowledge of compliance frameworks (e.g., FedRAMP, HIPAA) and experience working with auditors
• Experience with Infrastructure as Code (IaC) tools like Terraform or CloudFormation
• Proficient in system administration and monitoring using tools like AWS CloudWatch, Nagios

Desired Skills & Experience

• Experience with CI/CD orchestration tools such as GitHub Actions or Jenkins
• Familiarity with NIST 800-53, OWASP, and CIS Benchmarks
• Expertise in relational database administration (PostgreSQL, MySQL)
• Experience with security frameworks such as Veracode, SonarCube, and OWASP suite
• Ability to work cross-functionally and communicate clearly with different teams
• Familiarity with compliance regulations for the public sector (e.g., FISMA)
• A passion for continuous learning and staying updated on the latest security trends

What You Will Be Doing
Tech Breakdown

• 30% AWS Services (IAM, VPC, EC2, S3, RDS, ECS, CloudWatch)
• 30% Cloud Security & Architecture Design
• 20% Scripting & Automation (Python, Bash)
• 20% Compliance & Monitoring (FedRAMP, HIPAA, NIST)

Daily Responsibilities

• 50% Security Operations & Integration (incident response, security features integration)
• 30% Architecture & Design (cloud security, infrastructure documentation, performance optimization)
• 20% Team Collaboration & Support (training, troubleshooting, cross-team communication)

The Offer

• Bonus OR Commission eligible

You will receive the following benefits:

• Medical, Dental, and Vision Insurance
• Vacation Time
• Stock Options

Applicants must be currently authorized to work in the US on a full-time basis now and in the future.