eTeam
Job Title: DevSecOps Engineer - Mid-Level Consultant
Location: Austin, TX - Houston, TX - Minneapolis, MN - St. Louis, MO
Duration: 12 months
Job Summary:
We are looking for a skilled DevSecOps Engineer (Consultant - Mid-Level) to help design, implement, and maintain secure CI/CD pipelines and cloud-native security controls. The role involves integrating security into all phases of the software development lifecycle, ensuring automation, compliance, and risk reduction across cloud and DevOps environments.
The ideal candidate has hands-on experience in DevOps, cloud platforms, and security tools, and is comfortable working directly with clients to deliver secure solutions.
Key Responsibilities:
Location: Austin, TX - Houston, TX - Minneapolis, MN - St. Louis, MO
Duration: 12 months
Job Summary:
We are looking for a skilled DevSecOps Engineer (Consultant - Mid-Level) to help design, implement, and maintain secure CI/CD pipelines and cloud-native security controls. The role involves integrating security into all phases of the software development lifecycle, ensuring automation, compliance, and risk reduction across cloud and DevOps environments.
The ideal candidate has hands-on experience in DevOps, cloud platforms, and security tools, and is comfortable working directly with clients to deliver secure solutions.
Key Responsibilities:
- Implement and manage DevSecOps practices within CI/CD pipelines (GitLab CI, Jenkins, Azure DevOps, etc.)
- Automate security scans: SAST, DAST, SCA, container scanning , and secrets detection in development workflows.
- Deploy and manage tools such as SonarQube, Checkmarx, Fortify, Aqua, Prisma Cloud, Trivy, Snyk, etc.
- Integrate IAM, secrets management, and key vaults (e.g., HashiCorp Vault , AWS Secrets Manager, Azure Key Vault).
- Collaborate with DevOps, Cloud, and AppSec teams to define secure deployment practices.
- Harden container platforms (e.g., Docker, Kubernetes) and manage policies using tools like OPA/Gatekeeper or Kyverno .
- Design and implement cloud-native security controls on AWS / Azure / GCP .
- Support threat modeling and risk assessments during design and architecture discussions.
- Guide clients in aligning with security standards such as OWASP, CIS Benchmarks, NIST, ISO 27001 .
- Write scripts and automation (Python, Bash, PowerShell, Terraform, etc.) to support security as code.
- 3-6 years of combined experience in DevOps , Application Security , or Cloud Security roles.
- Solid experience with CI/CD tools and at least one scripting language (e.g., Python, Bash).
- Experience with static/dynamic/code dependency scanning tools and interpreting their results.
- Hands-on experience with cloud platforms ( AWS / Azure / GCP ) and securing cloud resources.
- Strong understanding of container security and DevOps security challenges.
- Familiarity with Infrastructure as Code (IaC) and security scanning tools (e.g., Checkov, tfsec
- Security certifications: AWS Security Specialty , AZ-500 , CCSP , DevSecOps Foundation , OSCP , etc.
- Familiarity with compliance standards (PCI-DSS, HIPAA, FedRAMP) and secure SDLC methodologies.
- Experience working in consulting/client-facing roles is a plus.
- Familiarity with SOAR or SIEM tools integration into DevSecOps pipelines.