Back to all positions

DevSecOps Engineer

Fully Remote

A DevSecOps Engineer integrates cybersecurity practices directly into the software development and deployment lifecycle. This role bridges the gap between development, security, and IT operations by automating security checks and safeguarding infrastructure. Operating at the intersection of these three domains, the DevSecOps Engineer ensures that security is a built-in feature rather than a bottleneck.

Key Responsibilities:

  • CI/CD Pipeline Security: Integrating automated vulnerability scanning directly into the build process using tools such as SonarQube, Snyk, or Trivy.
  • Automated Testing: Implementing SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), and SCA (Software Composition Analysis) to detect vulnerabilities before production.
  • Infrastructure as Code (IaC): Securing cloud environments (AWS, Azure, GCP) by writing secure Terraform code and safeguarding containerized environments such as Docker and Kubernetes.
  • Threat Modeling & Compliance: Defining security policies and conducting automated compliance checks against standards such as GDPR.
  • Culture Advocacy: Training developers in secure coding practices and promoting a "security as code" mindset.
  • System Monitoring: Implementing and managing system monitoring solutions to ensure high availability, performance optimization, and early detection of security or operational issues.
  • Ansible (Optional): Basic knowledge of Ansible to automate infrastructure provisioning, configuration management, and secure deployments.

Qualifications & Competencies:

  • Programming & Scripting: Proficiency in languages such as Python, Go, or Bash to automate security tasks.
  • Cloud & Orchestration: Deep understanding of Kubernetes, Docker, and cloud-native security architectures.
  • Soft Skills: Effective communication skills to collaborate and negotiate between fast-paced development teams and security teams without causing friction. The ability to build consensus is crucial for this highly cross-functional role.
  • Certifications: Familiarity with certification paths (such as AWS Certified Security or CISSP).
  • Languages: Excellent command of English (spoken and written).

We Offer:

  • Work on an international project (initial 6-month contract).
  • Support from an experienced and collaborative team.
  • Opportunities for professional growth and challenging, rewarding work.
  • Flexible engagement options: full-time or part-time (3/4 time).
  • Hourly billing with an attractive rate corresponding to your skills and experience.

Interested in this role?

Book 30 minutes with Gabriela to discuss fit, next steps, and how we support your application.