eTeam
Job Title: DevSecOps Engineer - Mid-Level Consultant
Location: Austin, TX - Houston, TX - Minneapolis, MN - St. Louis, MO
Duration: 12 months
Job Summary:
We are looking for a skilled
DevSecOps Engineer (Consultant - Mid-Level)
to help design, implement, and maintain secure CI/CD pipelines and cloud-native security controls. The role involves integrating security into all phases of the software development lifecycle, ensuring automation, compliance, and risk reduction across cloud and DevOps environments.
The ideal candidate has hands-on experience in DevOps, cloud platforms, and security tools, and is comfortable working directly with clients to deliver secure solutions.
Key Responsibilities: Implement and manage
DevSecOps practices
within CI/CD pipelines (GitLab CI, Jenkins, Azure DevOps, etc.) Automate security scans:
SAST, DAST, SCA, container scanning , and
secrets detection
in development workflows. Deploy and manage tools such as
SonarQube, Checkmarx, Fortify, Aqua, Prisma Cloud, Trivy, Snyk, etc. Integrate IAM, secrets management, and key vaults (e.g.,
HashiCorp Vault , AWS Secrets Manager, Azure Key Vault). Collaborate with DevOps, Cloud, and AppSec teams to define secure deployment practices. Harden container platforms (e.g., Docker, Kubernetes) and manage policies using tools like
OPA/Gatekeeper or Kyverno . Design and implement cloud-native security controls on
AWS / Azure / GCP . Support
threat modeling
and risk assessments during design and architecture discussions. Guide clients in aligning with security standards such as
OWASP, CIS Benchmarks, NIST, ISO 27001 . Write scripts and automation (Python, Bash, PowerShell, Terraform, etc.) to support security as code. Required Qualifications:
3-6 years of combined experience in
DevOps ,
Application Security , or
Cloud Security
roles. Solid experience with CI/CD tools and at least one scripting language (e.g., Python, Bash). Experience with
static/dynamic/code dependency scanning
tools and interpreting their results. Hands-on experience with cloud platforms (
AWS / Azure / GCP ) and securing cloud resources. Strong understanding of container security and DevOps security challenges. Familiarity with Infrastructure as Code (IaC) and security scanning tools (e.g., Checkov, tfsec Preferred Qualifications:
Security certifications:
AWS Security Specialty ,
AZ-500 ,
CCSP ,
DevSecOps Foundation ,
OSCP , etc. Familiarity with compliance standards (PCI-DSS, HIPAA, FedRAMP) and secure SDLC methodologies. Experience working in consulting/client-facing roles is a plus. Familiarity with
SOAR
or SIEM tools integration into DevSecOps pipelines.
We are looking for a skilled
DevSecOps Engineer (Consultant - Mid-Level)
to help design, implement, and maintain secure CI/CD pipelines and cloud-native security controls. The role involves integrating security into all phases of the software development lifecycle, ensuring automation, compliance, and risk reduction across cloud and DevOps environments.
The ideal candidate has hands-on experience in DevOps, cloud platforms, and security tools, and is comfortable working directly with clients to deliver secure solutions.
Key Responsibilities: Implement and manage
DevSecOps practices
within CI/CD pipelines (GitLab CI, Jenkins, Azure DevOps, etc.) Automate security scans:
SAST, DAST, SCA, container scanning , and
secrets detection
in development workflows. Deploy and manage tools such as
SonarQube, Checkmarx, Fortify, Aqua, Prisma Cloud, Trivy, Snyk, etc. Integrate IAM, secrets management, and key vaults (e.g.,
HashiCorp Vault , AWS Secrets Manager, Azure Key Vault). Collaborate with DevOps, Cloud, and AppSec teams to define secure deployment practices. Harden container platforms (e.g., Docker, Kubernetes) and manage policies using tools like
OPA/Gatekeeper or Kyverno . Design and implement cloud-native security controls on
AWS / Azure / GCP . Support
threat modeling
and risk assessments during design and architecture discussions. Guide clients in aligning with security standards such as
OWASP, CIS Benchmarks, NIST, ISO 27001 . Write scripts and automation (Python, Bash, PowerShell, Terraform, etc.) to support security as code. Required Qualifications:
3-6 years of combined experience in
DevOps ,
Application Security , or
Cloud Security
roles. Solid experience with CI/CD tools and at least one scripting language (e.g., Python, Bash). Experience with
static/dynamic/code dependency scanning
tools and interpreting their results. Hands-on experience with cloud platforms (
AWS / Azure / GCP ) and securing cloud resources. Strong understanding of container security and DevOps security challenges. Familiarity with Infrastructure as Code (IaC) and security scanning tools (e.g., Checkov, tfsec Preferred Qualifications:
Security certifications:
AWS Security Specialty ,
AZ-500 ,
CCSP ,
DevSecOps Foundation ,
OSCP , etc. Familiarity with compliance standards (PCI-DSS, HIPAA, FedRAMP) and secure SDLC methodologies. Experience working in consulting/client-facing roles is a plus. Familiarity with
SOAR
or SIEM tools integration into DevSecOps pipelines.