cyberThink
Senior DevSecOps Engineer - Hybrid
cyberThink, Mechanicsburg, Pennsylvania, United States, 17050
Job Description:
As a Senior DevSecOps Engineer, you will serve as a consultant focusing on hands-on security automation for AWS delivery. You will design secure-by-default CDK constructs and CloudFormation templates, integrate them into CI/CD pipelines, and enforce compliance checks aligned with CJIS and NIST standards. This role emphasizes preventive controls and compliance automation rather than incident response, with future consideration for Azure support.
Key Responsibilities:
- Author and maintain AWS CDK constructs and CloudFormation templates; provide Terraform equivalents
- Implement AWS Config conformance packs, Security Hub standards, and GuardDuty routing
- Integrate scanning tools into CI/CD pipelines for app code, containers, and IaC
- Create reusable GitHub Actions and Azure DevOps templates with enforcement gates and exception handling
- Generate posture and evidence reports mapped to CJIS and NIST 800-53 controls
- Harden CDK/CFT modules and pipeline templates as compliance needs evolve
- Coach pilot teams on template adoption and escalate gaps to enterprise teams
- Design reference guardrails and enforcement patterns for deployment by enterprise teams
Required Skills, Experiences, Education, and Competencies:
- Minimum 5 years of experience in AWS security automation and DevOps
- Strong proficiency with AWS CDK and CloudFormation; working knowledge of Terraform
- Experience authoring CI/CD pipelines in GitHub Actions and Azure DevOps
- Proficient in Python and Bash; PowerShell for Windows automation
- Ability to read Java and C# for SAST/SCA integration and tuning
- Practical understanding of CJIS and NIST 800-53 control families and compliance automation
Nice to Have:
- Experience with EKS, ECS, and Lambda hardening patterns
- Familiarity with tools such as OPA/Conftest, Checkov, Trivy, Inspector, and CodeQL
- Basic Azure security automation experience for future phases
The hourly range for roles of this nature is $40.00 to $80.00/hr. Rates are heavily dependent on skills, experience, location, and industry.
cyberThink is an Equal Opportunity Employer.