DevSevOps Engineers

DevSevOps Engineers
Need LOCAL TO HARTFORD, CT ONLY- It is hybrid
USC/GC
interview onsite

Key Responsibilities

• Secure CI/CD Pipeline Development
  Design and implement secure CI/CD workflows using tools like GitHub Actions, Jenkins, or GitLab CI, integrating automated security scans, code quality checks, and compliance gates.
• Cloud Security Integration
  Embed security controls into cloud-native applications deployed on Google Cloud Platform (GCP), including IAM policies, VPC Service Controls, workload identity, and secure service-to-service communication.
• AI and Cognitive Services Security
  Integrate and secure AI-driven platforms using Google Vertex AI and IBM watsonx Orchestrate, ensuring model governance, data privacy, and compliance with healthcare regulations.
• Infrastructure as Code (IaC)
  Develop and maintain IaC templates using Terraform or Google Cloud Deployment Manager, ensuring secure configurations and automated provisioning of cloud resources.
• Container Security
  Implement container hardening, image scanning, and runtime protection using tools like GKE (Google Kubernetes Engine), Docker, and Kubernetes-native security solutions (e.g., GKE Autopilot, PodSecurityPolicies, Kyverno).
• Vulnerability Management
  Integrate SAST, DAST, and dependency scanning tools (e.g., SonarQube, Snyk, OWASP ZAP) into development workflows, triaging and remediating findings in collaboration with engineering teams.
• Security Monitoring and Incident Response
  Collaborate with SOC and security teams to define logging standards, integrate with SIEM platforms (e.g., Google Chronicle, IBM QRadar), and support incident detection and response workflows.
• DevSecOps Governance and Automation
  Define and enforce security policies through automated guardrails, policy-as-code, and continuous compliance monitoring.
• Cross-Functional Collaboration
  Partner with product, architecture, and platform teams to ensure security is embedded in design decisions, threat modeling, and risk assessments.
• Continuous Improvement and Innovation
  Stay current with emerging DevSecOps tools, cloud security trends, and regulatory requirements (e.g., HIPAA, HITRUST), driving innovation and maturity in secure software delivery.

• 3+ years of experience in DevOps, Site Reliability Engineering, or Cloud Engineering roles
• 2+ years of hands-on experience implementing security in CI/CD pipelines
• 2+ years of experience with cloud platforms (preferably GCP, AWS, or Azure)
• 2+ years of experience with container orchestration and security (Kubernetes, Docker)
• 1+ years of experience with Infrastructure as Code (Terraform, Helm, etc.)
• 1+ years of experience with vulnerability scanning and remediation workflows
• 1+ years of experience with Google Cloud security services (e.g., IAM, VPC Service Controls, Cloud Armor)
• 1+ years of experience integrating and securing Google Vertex AI and IBM watsonx Orchestrate in enterprise applications
• Familiarity with Agile development practices and DevSecOps principles