Senior DevSecOps Engineer

Overview:
We’re looking for a Senior DevSecOps Engineer to secure and streamline our cloud
infrastructure and CI/CD pipelines. You’ll embed security throughout the SDLC while enabling
our engineering teams to deliver fast, compliant, and reliable code — supporting a regulated
medical device system.

Responsibilities:
- Build and secure cloud infrastructure using IaC tools (e.g., Terraform, CloudFormation).
- Integrate security into CI/CD pipelines using tools like SonarQube, GitLab CI, etc.
- Automate security monitoring, vulnerability scanning, and audit logging.
- Support container security, IAM, secret management, and encryption.
- Collaborate with engineering teams to instill secure coding practices.
- Ensure infrastructure compliance with ISO 27001, HIPAA, GDPR, and other standards.
- Respond to and document security incidents and root cause analysis.
- Conduct internal security training sessions and contribute to documentation.

Requirements:
- 5+ years in DevOps or DevSecOps with cloud security expertise.
- Deep knowledge of AWS or Azure security tools and architecture.
- Experience with CI/CD pipelines and scripting (e.g., Python, Bash, PowerShell).
- Familiarity with compliance standards and secure coding practices.
- Experience with container security (Docker, Kubernetes, etc.).
- Familiar with tools like AWS CloudTrail, GuardDuty, Secrets Manager, Vault.
- Strong troubleshooting and incident response skills.
- Relevant certifications (e.g., AWS Security, CISSP, OSCP) are a plus.
- Excellent English communication skills (verbal and written).
- Able to work in overlapping hours with teams in Pakistan and the United States.