AWS DevSecOps Engineer

Description

Position Details:

Job Title: AWS DevSecOps Engineer 

Job Type: Full-time

Location: Remote, DC

Revised: 03/21/2025
 

Dynanet Corporation Overview:

Dynanet started with a focus on IT infrastructure and operations, helping organizations enhance their networks and overcome the limitations of 1990s technology. From strengthening communication channels to introducing innovative ways to collaborate and share information, Dynanet played a crucial role in shaping the early stages of digital transformation. The company’s efforts helped organizations build the very fabric of connectivity that now powers our modern world. Over the last three decades, Dynanet has grown into a trusted partner for organizations looking to innovate boldly and transform seamlessly. While technology continues to evolve and unlock new opportunities, for nearly 30 years, Dynanet remains committed to delivering cutting-edge solutions that drive lasting change for its customers. Through agility, foresight, and an unwavering dedication to excellence, Dynanet continues to empower organizations to thrive in a rapidly changing digital landscape. Our story is more than just a story of technology – it’s a story of vision, growth, and transformation that has shaped the past and continues to pave the way for the future.

About the Role:

We are seeking a highly skilled AWS DevSecOps Engineer to join our team and drive the automation, security, and efficiency of our cloud-based infrastructure. This role will be pivotal in implementing DevSecOps best practices, ensuring secure, scalable, and resilient cloud environments, and integrating security as code into CI/CD pipelines. The ideal candidate will have a strong background in AWS, Kubernetes, Infrastructure as Code (IaC), CI/CD automation, and security compliance frameworks.

Requirements

Roles & Responsibilities:

1. Cloud Infrastructure & Automation:

• Design, implement, and manage secure AWS cloud environments with best practices in scalability, fault tolerance, and cost efficiency.
• Automate infrastructure provisioning using Terraform, AWS CloudFormation, or Pulumi.
• Implement Kubernetes (EKS) clusters and manage containerized applications using Helm and AWS ECS/Fargate.

2. CI/CD & DevSecOps Integration:

• Develop and maintain CI/CD pipelines using Jenkins, GitHub Actions, GitLab CI/CD, or AWS CodePipeline.
• Embed security as code within CI/CD workflows, enforcing security policies, compliance, and vulnerability scanning.
• Automate security testing using tools like Snyk, Trivy, SonarQube, OWASP ZAP, and Checkov.

3. Security & Compliance:

• Implement IAM policies, least privilege access control, and AWS security best practices (e.g., AWS GuardDuty, AWS Security Hub).
• Conduct infrastructure security audits, ensuring compliance with NIST, FedRAMP, HIPAA, or SOC 2 security frameworks.
• Integrate runtime security monitoring using AWS CloudTrail, AWS Config, AWS WAF, and AWS Shield.
• Harden Kubernetes security with OPA/Gatekeeper, Kyverno, or Pod Security Policies.

4. Monitoring, Logging & Incident Response:

• Deploy and maintain observability tools like Splunk, New Relic, Prometheus, Grafana, or AWS CloudWatch for system health monitoring.
• Establish automated alerting and incident response processes for threat detection and mitigation.
• Implement logging and SIEM integration for real-time security monitoring and compliance tracking.

5. Collaboration & Continuous Improvement:

• Work closely with development, security, and operations teams to embed DevSecOps culture and best practices.
• Advocate for Shift-Left Security, ensuring security is integrated from the earliest stages of the software development lifecycle (SDLC).
• Conduct threat modeling, risk assessments, and security training for engineering teams.

Required Professional Skills:

• · Obtain and Maintain a Secret Clearance

Technical Skills

• Cloud: AWS (IAM, VPC, EC2, RDS, Lambda, EKS, S3, CloudFront, Route 53, Secrets Manager, etc.).
• Automation & Infrastructure as Code (IaC): Terraform, AWS CloudFormation, Ansible, or Pulumi.
• Containers & Orchestration: Kubernetes (EKS), Docker, Helm, AWS ECS/Fargate.
• CI/CD Tools: Jenkins, GitHub Actions, GitLab CI/CD, AWS CodePipeline.
• Security: AWS Security Hub, GuardDuty, IAM, KMS, AWS WAF, CIS Benchmarking, Nessus, Snyk, Checkov.
• Monitoring & Logging: Prometheus, Grafana, Splunk, New Relic, AWS CloudWatch, ELK Stack.
• Scripting & Automation: Python, Bash, Go, PowerShell.

Preferred Professional Skills:

• Preferred Certifications: AWS Certified DevOps Engineer, AWS Security Specialty, CISSP, CKA (Certified Kubernetes Administrator).

Dynanet Team Requirements and Expectations:

• Possess Strong written and verbal communication skills.
• Highly organized with an ability to prioritize, balance, and effectively advance multiple competing priorities in a high-volume, fast-paced environment.
• Ability to interact in a professional and collaborative manner with fellow Dynanet Teammates and the clients, and business partners that we work with.
• Ability and desire to challenge and educate yourself to support and advance IT services delivery in the Federal agencies we serve.
• Excellent judgment and creative problem-solving skills.
• Respond to team member and client requests via email, MS teams, or other communication means during core business hours.
• Active listening skills to understand clients' needs, and collaboration skills to work with other developers and designers.

Education/Experience Requirements:

• 5+ years of experience in DevSecOps, Cloud Security, or Infrastructure Automation.
• Experience in implementing security frameworks such as NIST 800-53, FedRAMP, or CIS AWS Benchmarks.
• Experience with API security, threat modeling, and security compliance automation.
• Familiarity with Zero Trust Architecture (ZTA) and microservices security.
• Preferred Certifications: AWS Certified DevOps Engineer, AWS Security Specialty, CISSP, CKA (Certified Kubernetes Administrator).

Employee Benefits Overview:

• Industry Competitive Compensation
• Medical and Dental Insurance
• Paid Time Off/Holidays
• 401(k) Retirement Plans with Matching
• Remote Work
• Paid Training
• Employee Referral Program
• Employee Development Program