Senior DevSecOps Engineer

TruU is seeking a Senior DevSecOps Engineer! As we expand our DevSecOps team, we are seeking an experienced engineer who thrives on the challenges of securing cloud environments and enhancing our security posture across AWS and Azure.

Position Overview:

As a DevSecOps Engineer, you'll be responsible for integrating and automating security at every phase of the software development lifecycle. You'll design, build, and manage secure infrastructure across AWS and Azure, ensuring compliance with industry standards and internal policies. Your expertise will help build a culture where security is ingrained in our processes and infrastructure.

Key Responsibilities: 

• Cloud Security Architecture: Design and implement secure architectures in AWS and Azure, including networking, IAM, and encryption.
• Infrastructure as Code (IaC): Develop secure, automated, and scalable infrastructure using tools like Terraform, CloudFormation, and ARM Templates. 
• Security Compliance: Ensure compliance with frameworks such as CIS, NIST, ISO 27001, and SOC 2. 
• Security Monitoring & Incident Response: Implement security monitoring, logging, and alerting solutions and respond to security incidents promptly. 
• DevSecOps Practices: Embed security into CI/CD pipelines, enabling development teams to deliver secure software at speed. 
• Security Tooling & Automation: Implement security tools like AWS Security Hub, Azure Security Center, and other relevant services for vulnerability management, secrets management, and automated compliance checks. 
• Collaboration: Work closely with DevOps, SRE, and development teams to integrate security best practices. 

 Required Qualifications: 

•  Bachelor's degree in computer science, Information Security, or related field, or equivalent experience. 
•  7+ years of experience in DevSecOps, cloud security, or a related role. 
•  Proven expertise in securing AWS and Azure environments. 
•  Strong understanding of networking principles, encryption standards, and IAM in both cloud platforms. 
•  Proficiency with scripting languages (Python, PowerShell, Bash). 
•  Experience with CI/CD tools like Jenkins, AWS Dev Tools (CodePipeline), Bitbucket Pipelines, or Azure DevOps. 
•  Strong understanding of security frameworks and best practices. 
•  Familiarity with container security (Docker, ECS). 
•  Relevant certifications such as AWS Certified Security - Specialty, Azure Security Engineer Associate, CISSP, or CISM. 
• Background in software development and secure coding practices. 

Benefits: 

• Competitive salary and stock options plan (with approval).
• 4 weeks + 5 days of personal leave annually paid by employer.
• 5 sick leave days.
• Multisport card.
• Flexible work hours and a hybrid work setup.
• Professional growth and development opportunities.
• Global, collaborative, and inclusive company culture.