DevSecOps Engineer

Position Overview: 
We are seeking a seasoned mid-level Ubuntu DevSecOps Engineer with 8+ years of experience managing secure and scalable infrastructure across multiple environments. The ideal candidate will have deep expertise in Ubuntu-based system administration, network security protocols, system provisioning, cloud-based integrations across various providers, containerized environments using Docker, and GitLab management. This role is responsible for integrating security best practices into every stage of the development and deployment lifecycle, ensuring robust system security, automation, and compliance. A self-starter who thrives in a dynamic, fast-paced environment, this individual must possess superb time management skills and excellent documentation abilities to maintain security policies, infrastructure configurations, and operational procedures. 
Key Responsibilities: 
Secure Infrastructure & Automation 
- Architect, deploy, and maintain secure Ubuntu-based infrastructure across on-premise and cloud environments. 
- Implement infrastructure as code (IaC) solutions using Terraform, Ansible, and Puppet for automated provisioning and configuration management. 
- Automate security scanning for vulnerabilities in cloud environments, operating systems, and applications. 
- Securely configure networking components, firewalls (iptables/nftables), and intrusion detection/prevention systems (IDS/IPS). 
DevSecOps & CI/CD Security 
- Manage, maintain, and secure GitLab environments, including user access, repository management, and integration with security tools. 
- Configure and automate multiple pipeline workflows within GitLab CI/CD, ensuring secure and efficient software delivery. 
- Deploy and manage GitLab Runners on various systems and architectures, ensuring scalability and optimized performance. 
- Configure and maintain Secrets Management solutions (e.g., HashiCorp Vault, AWS Secrets Manager, CyberArk). 
- Ensure secure software deployment using automated policy enforcement, access controls, and immutable infrastructure concepts. 
- Develop and enforce RBAC (Role-Based Access Control) and least privilege access policies in deployment pipelines. 
Container & Cloud Security 
- Secure containerized environments, ensuring best practices for Docker security, including vulnerability scanning, image signing, and runtime protection. 
- Implement cloud security best practices for AWS, Azure, Google Cloud, or other providers, ensuring least privilege access, identity management, and encryption. 
- Familiarity with ARM-based containerization, optimizing performance and security for ARM-based systems. 
- Conduct continuous compliance auditing for cloud workloads, ensuring adherence to general security best practices without rigid reliance on compliance frameworks. 
Monitoring, Documentation & Incident Response 
- Deploy log aggregation and monitoring solutions for proactive security monitoring and alerting (e.g., ELK Stack, Splunk, Prometheus, Grafana). 
- Implement endpoint security, malware detection, and anomaly-based intrusion detection solutions. 
- Perform incident response and forensic analysis to remediate security breaches and strengthen system defenses. 
- Maintain thorough and well-organized documentation for security policies, system configurations, and operational procedures. 
Required Qualifications: 
- 8+ years of hands-on experience in Ubuntu-based Linux system administration with a strong DevSecOps focus. 
- Experience in managing and securing GitLab, including repository management, CI/CD pipeline automation, and integration with security tools. 
- Strong expertise in configuring and automating GitLab Runners across diverse architectures and environments. 
- In-depth knowledge of network security protocols, encryption technologies, and firewall configurations. 
- Experience with Infrastructure as Code (IaC) using Terraform, Puppet, and Ansible for automated provisioning and configuration management. 
- Hands-on experience securing cloud-based infrastructure across AWS, Azure, Google Cloud, or other providers. 
- Proficiency in Docker container security, including vulnerability scanning, access controls, and secure deployment. 
- Familiarity with ARM-based containerization and its security implications. 
- Strong scripting skills in Bash, Python, or other automation languages for security automation and system administration. 
- Ability to document security policies, system configurations, and operational workflows with clarity and precision. 
Preferred Qualifications: 

-Expertise in GitLab administration, CI/CD security, and Infrastructure as Code (Terraform, Ansible, Puppet).
-Strong knowledge of Docker security, cloud security (AWS, Azure, GCP), and network security protocols
-Experience with secrets management, RBAC implementation, and secure deployment automation.
-Comfortable handling security monitoring, log aggregation (ELK, Splunk, Grafana), and incident response.

Location & Work Environment: 
- Hybrid/Remote flexibility based on project requirements. 
- A dynamic and security-focused environment where DevSecOps plays a critical role in ensuring secure infrastructure and software deployment.