Skip to content
mimi
All jobs

Senior Dev-Sec-Ops Engineer

Crescens

Mechanicsburg · Hybrid Contract Senior Yesterday
Apply with a tailored resume Save job

About the role

Position Overview

We are seeking a highly skilled Senior DevSecOps Engineer to support the Client Solutions Management group. This role focuses on security automation within AWS environments, implementing secure-by-default infrastructure, CI/CD pipelines, and compliance frameworks aligned with CJIS and NIST standards.

The ideal candidate will bring deep expertise in cloud security, DevOps practices, and infrastructure as code (IaC), with a strong emphasis on automation and compliance enforcement.

Key Responsibilities

DevSecOps & Security Automation

  • Design and implement secure AWS infrastructure using CDK and CloudFormation
  • Develop and enforce security controls and compliance automation aligned with CJIS and NIST 800-53
  • Build "compliance as code” frameworks using AWS Config, Security Hub, and GuardDuty

CI/CD & Pipeline Security

  • Develop secure CI/CD pipelines using GitHub Actions and Azure DevOps
  • Integrate SAST, SCA, container scanning, IaC scanning, and secrets detection into pipelines
  • Implement enforcement gates and exception handling within CI/CD workflows

Infrastructure as Code (IaC)

  • Create reusable IaC modules using:
    • AWS CDK (primary)
    • CloudFormation
    • Terraform (secondary support)
  • Implement best practices for:
    • IAM least privilege
    • KMS encryption
    • Secrets Manager
    • Logging and monitoring
    • Network security baselines

Monitoring, Compliance & Reporting

  • Configure and manage AWS Config rules and Security Hub standards
  • Generate audit-ready compliance reports and evidence mapped to control frameworks
  • Maintain system security posture and continuously improve compliance automation

Collaboration & Enablement

  • Support and guide engineering teams in adopting secure DevOps practices
  • Provide reusable templates and best practices for enterprise teams
  • Identify security gaps and recommend improvements for enterprise adoption

Required Qualifications

  • 5+ years of experience in AWS DevSecOps / Security Automation
  • Strong expertise in:
    • AWS CDK & CloudFormation
    • Terraform (working proficiency)
  • Experience building CI/CD pipelines using:
    • GitHub Actions
    • Azure DevOps
  • Strong scripting skills in:
    • Python
    • Bash
    • PowerShell
  • Ability to work with Java and C# codebases for security integration (SAST/SCA)
  • Strong knowledge of:
    • CJIS compliance standards
    • NIST 800-53 framework
  • Experience implementing:
    • AWS Config, Security Hub, GuardDuty

Preferred Qualifications

  • Experience with:
    • EKS, ECS, Lambda security hardening
  • Familiarity with security tools:
    • Checkov, Trivy, CodeQL, OPA/Conftest, AWS Inspector
  • Exposure to Azure security automation

Skills

AWS CDKAWS CloudFormationAWS ConfigAWS GuardDutyAWS Security HubAzure DevOpsBashC#CJISGitHub ActionsJavaNIST 800-53PowerShellPythonTerraform

Similar roles

Senior Platform Software Engineer

Coders Connect

Lead Engineer

Coders Connect

Senior DevSecOps Engineer

S R International Inc

Don't send a generic resume

Paste this job description into Mimi and get a resume tailored to exactly what the hiring team is looking for.

Get started free