A

DevSecOps Engineer

Astreya Partners
Full-time
Remote
$63.58 - $100.38 USD yearly

We are seeking an experienced and proactive DevSecOps Engineer to join our Cybersecurity Application Platform Security Team to secure our Geographic Information Systems (GIS) applications as a part of large business transformation effort – Elevate. The ideal candidate will have hands-on experience with cybersecurity platforms, with a deep understanding of cloud security (especially AWS), strong experience with DevSecOps practices, and an understanding of GIS applications to operate the environment securely, enhance security posture, secure CI/CD pipelines and continuously bake-in security and compliance

Key Responsibilities:

  • Work with Elevate (GIS) teams to bake-in security controls part of design and implement secure AWS architectures for GIS applications

  • Provide security best practices for implementing COTS software such as ArcGIS in AWS. 

  • Implement and maintain robust security measures & DevSecOps Framework (SHIELD) throughout every phase of development, from planning to deployment and maintenance across CI/CD pipeline. (‘Secure by design’, ‘Secure by default’) 

  • Implement security policy-as-code (PaC) & Compliance-as-Code (CaC) and integrates continuous security testing within CI/CD pipelines

  • Report on DevSecOps specific security metrics, KPIs, KRIs to track progress and demonstrate the value of security investments aligning with IT, Cyber L1, L2s.

  • Partner with SIOC team to perform code reviews and static analysis to identify security vulnerabilities

  • Validate Identity and Access Management (IAM) policies and roles

  • Secure data at rest and in transit using AWS encryption services

  • Work with stakeholders to implement network security measures, including VPCs, security groups, and NACLs

  • Stay updated on emerging threats, vulnerabilities, and security trends related to AWS, Azure and DevSecOps practices.

  • Promote cybersecurity awareness among developers and stakeholders. 

  • Foster a security-first mindset across Elevate application platform teams, promoting shared responsibility for cybersecurity (lead by cyber, owned by all).

 

Qualifications:

  • Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).

  • 5+ years of experience in IT security, with at least 3 years focused on DevSecOps, DevOps or Security Engineering roles

  • Extensive hands-on experience with AWS services and security best practices

  • Strong understanding of GIS applications (ArcGIS) and their security requirements

  • Proficiency in scripting languages such as Python, Bash, or Ruby

  • Experience with CI/CD tools (e.g., Jenkins, GitLab CI, or AWS CodePipeline)

  • Knowledge of container technologies and orchestration platforms (e.g., Docker, Kubernetes)

  • Familiarity with infrastructure-as-code tools (e.g., Terraform, CloudFormation)

  • Understanding of security standards and frameworks (e.g., NIST CSF)

  • Excellent communication and collaboration skills

  • Familiarity with the shared responsibility model in cloud environments (AWS, Azure) and hybrid cloud deployments.

  • CISSP, CISM, or DevSecOps-specific credentials are a plus.

  • Strong analytical and problem-solving skills with excellent communication and teamwork abilities.

Preferred Technical Skills:

  • Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks.

  • Knowledge of container security (Docker, Kubernetes)

  • Familiarity with secure software development lifecycle (SDLC) practices.

 

Soft Skills  

  • Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.  

  • Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.  

 

Preferred Qualifications:

  • Relevant security certifications (e.g., AWS Certified Security - Specialty, CISSP, CEH)

  • Experience with GIS-specific security challenges and solutions

  • Knowledge of multi-cloud and hybrid cloud security architectures

  • Familiarity with compliance requirements in the GIS industry

 

The ideal candidate will be passionate about security, have a proactive mindset, and be able to balance security requirements with business needs. They should be comfortable working in a fast-paced environment and be able to adapt to evolving security threats and technologies

Salary Range

$63.58 - $100.38 USD (Hourly)
  • Please note that the salary information provided herein is base pay only (gross); it does not include other forms of compensation which may or may not apply to this specific position, namely, performance-based bonuses, benefits-related payments, or other general incentives - none of which are guaranteed, may be subject to specific eligibility requirements, and are wholly within the discretion of Astreya to remit.
  • Further, the salary information noted above is a range that consists of a minimum and maximum rate of pay for this specific position. Where an applicant or employee is placed on this range will depend and be contingent on objective, documented work-related considerations like education, experience, certifications, licenses, preferred qualifications, among other factors.

Astreya offers comprehensive benefits to all Regular, Full-Time Employees, including:

  • Medical provided through Cigna (PPO, HSA, EPO options) / Medical provided through Kaiser (HMO option only) for California employees only

  • Dental provided through Cigna (DPPO & DHMO options)

  • Nationwide Vision provided through VSP

  • Flexible Spending Account for Health & Dependent Care

  • Pre-Tax Account for Commuter Benefit/Parking & Transit (location-specific)

  • Continuing Education and Professional Development via various integrated platforms, e.g. Udemy and Coursera

  • Corporate Wellness Program

  • Employee Assistance Program

  • Wellness Days

  • 401k Plan

  • Basic Life, Accidental Life, Supplemental Life Insurance

  • Short Term & Long Term Disability

  • Critical Illness, Critical Hospital, and Voluntary Accident Insurance

  • Tuition Reimbursement (available 6 months after start date, capped)

  • Paid Time Off (accrued and prorated, maximum of 120 hours annually)

  • Paid Holidays

  • Any other statutory leaves, paid time, or other fringe benefits required under state and federal law

Apply now
Share this job
Twitter Facebook Linkedin Email