Senior AWS DevSecOps Engineer (remote)

ALTA IT has a Contract to Hire position open for a Sr. DevSecOps Engineer. If you or anyone you know is interested in learning more, please send your updated resume to slandis@altaits.com. Looking forward to working with you! 100% Remote Will need to obtain a Public Trust This role will join an Agile team collaborating with engineers and developers to continuously innovating and improving security posture across a large federal AWS environment. The ideal candidate will possess strong hands-on experience within a DevSecOps framework, infrastructure as code (terraform), and container services (ECS/Docker). Responsibilities:

• Implement security tools with a focus on automating security and compliance best practices.
• Build and maintain automation and integrations with security tooling and AWS security services.
• Collaborate with development teams to solve complex security challenges.
• Provide support with security incidents and remediation activities.
• Implement CI/CD pipeline utilizing DevSecOps principles and practices to increase automation.
• Create and maintain documentation playbooks and provide training to others on the team.
• Support and contribute to business security requirements, such as the creation of security policies, procedures, and processes.
• Participate in all team planning, product demonstrations, and team retrospectives
• Serve as lead on projects and tasks

• BA/BS (or equivalent experience) and 7+ years of related IT experience
• 4+ years related experience with DevSecOps tools and practices, especially experience with Terraform, Docker, Github
• Experience managing AWS network resources such as VPC, URL proxies, private link, DNS, ACLs, firewalls
• Strong experience with AWS Services especially Security and Infrastructure
• Experience with APIs and Plugins to integrate security tools into CI/CD pipelines
• Strong experience with embedding security into CI/CD pipelines
• Must be able to obtain/maintain a Public Trust

• Experience with implementation of FISMA compliance security controls, including compliance with CIS and NIST 800-53 benchmarks.
• Experience creating AWS Custom Config Rules
• Development languages, and frameworks, including TypeScript, Node.js, AWS SDK, Python, and XML
• Knowledge of compliance-as-code and ATO automation frameworks
• Working knowledge of standard data storage formats and abstractions, including YAML, JSON, XML
• Experience with database technologies, e.g. SQL, NoSQL.