h3 Technologies
We are seeking a highly skilled and motivated Senior DevSecOps Engineer to join our team in a hybrid capacity, supporting a key Randstad client in the DC area. In this critical role, you will be responsible for leading the integration of security into our cloud-native development and operations workflows. This is a hands-on position requiring deep expertise in AWS tooling, infrastructure automation, and secure CI/CD practices. The ideal candidate will have extensive experience with AWS Code Pipeline, Code Build, Code Deploy (including blue/green deployments), Bitbucket, Python CDK, and Terraform. As part of a SAFe-agile team, you will be expected to embrace self-management and collaboration, attending important ceremonies and working onsite in DC on a needs basis, including for key SAFe events like PI Planning.
Key Responsibilities
Design, implement, and maintain secure CI/CD pipelines using AWS Code Pipeline, Code Build, and Code Deploy. Automate infrastructure provisioning and management using Terraform and AWS CDK (Python). Implement and manage blue/green deployment strategies for seamless, zero-downtime releases. Integrate security scanning tools (SAST, DAST, SCA) and automated vulnerability checks into all stages of the CI/CD pipeline. Collaborate with development and operations teams to establish and enforce secure coding and deployment standards. Monitor and respond to security vulnerabilities and threats across applications and cloud infrastructure. Ensure compliance with security policies, cloud governance frameworks, and industry best practices (e.g., OWASP, NIST, CIS). Provide technical guidance and mentorship to other team members on DevSecOps principles and best practices. Create and maintain comprehensive documentation for security processes, configurations, and deployment strategies. Required Qualifications
Proven experience as a DevSecOps Engineer, with a strong portfolio of projects related to cloud security and automation. Deep hands-on experience with core AWS services, including Code Pipeline, Code Build, Code Deploy, IAM, EC2, Lambda, S3, and CloudFormation. Proficiency in Python, particularly for infrastructure automation with AWS CDK. Extensive experience with Terraform for infrastructure-as-code (IaC). Solid understanding of source control management using Bitbucket. Familiarity with containerization and orchestration technologies such as Docker and Kubernetes. Experience with security tools like Checkmarx and SonarQube. Strong understanding of security frameworks, including OWASP, NIST, and CIS. Excellent communication, problem-solving, and collaboration skills. Ability to work both independently and as a key member of a cross-functional Agile team. Preferred Certifications
AWS Certified DevOps Engineer Certified DevSecOps Professional (CDP) CISSP or other equivalent security certifications
Key Responsibilities
Design, implement, and maintain secure CI/CD pipelines using AWS Code Pipeline, Code Build, and Code Deploy. Automate infrastructure provisioning and management using Terraform and AWS CDK (Python). Implement and manage blue/green deployment strategies for seamless, zero-downtime releases. Integrate security scanning tools (SAST, DAST, SCA) and automated vulnerability checks into all stages of the CI/CD pipeline. Collaborate with development and operations teams to establish and enforce secure coding and deployment standards. Monitor and respond to security vulnerabilities and threats across applications and cloud infrastructure. Ensure compliance with security policies, cloud governance frameworks, and industry best practices (e.g., OWASP, NIST, CIS). Provide technical guidance and mentorship to other team members on DevSecOps principles and best practices. Create and maintain comprehensive documentation for security processes, configurations, and deployment strategies. Required Qualifications
Proven experience as a DevSecOps Engineer, with a strong portfolio of projects related to cloud security and automation. Deep hands-on experience with core AWS services, including Code Pipeline, Code Build, Code Deploy, IAM, EC2, Lambda, S3, and CloudFormation. Proficiency in Python, particularly for infrastructure automation with AWS CDK. Extensive experience with Terraform for infrastructure-as-code (IaC). Solid understanding of source control management using Bitbucket. Familiarity with containerization and orchestration technologies such as Docker and Kubernetes. Experience with security tools like Checkmarx and SonarQube. Strong understanding of security frameworks, including OWASP, NIST, and CIS. Excellent communication, problem-solving, and collaboration skills. Ability to work both independently and as a key member of a cross-functional Agile team. Preferred Certifications
AWS Certified DevOps Engineer Certified DevSecOps Professional (CDP) CISSP or other equivalent security certifications