DevSecOps Engineer
Indexed description
At Canstar, our Technology team builds and operates the core ecosystem powering services for all our internal and external customers. We are looking for a DevSecOps Engineer to join our team.
In this role, you will integrate cloud engineering, security operations, and security engineering to maintain and monitor our overall security posture. You will be assisting with our security roadmap, identifying risks, leveraging automation to eliminate repetitive tasks, driving good governance, and designing agile cloud solutions that ensure fast, secure deployment.
What You’ll Do
- Maintain and patch cloud infrastructure to meet SLAs and security standards. Monitor alerts, logs, and events to proactively investigate potential incidents.
- Manage infrastructure security projects that align with the business's risk appetite, improving our security posture while adding commercial value.
- Design, implement, and maintain security controls across our networks, systems, and applications. Perform vulnerability assessments and support penetration testing.
- Embed security seamlessly throughout the development lifecycle (SDLC) and provide security awareness training and updates across IT teams and the Security Committee.
- Follow Agile practices to optimize team processes, evaluate emerging technologies, and coach/mentor junior infrastructure team members.
- Support Business Continuity and Disaster Recovery planning, perform impact analyses on major design options, and utilize adaptive systems design.
- 5+ years of experience in DevOps/CloudOps (AWS and/or GCP) and a Bachelor’s degree in IT, Computer Science, Cyber, or equivalent experience.
- 3+ years building secure infrastructure and managing security systems (firewalls, IDS, SIEMs, log management, vulnerability scanners).
- Advanced proficiency with Kubernetes (EKS), Docker, Terraform, Python, and CI/CD pipelines.
- A strong understanding of NIST, ISO 27001, The Data Privacy Act, and Essential 8.
- Exceptional problem-solving skills in unfamiliar territory, a knack for automating tasks (and adopting AI tools), and experience translating security data into an actionable backlog.
- Strong collaboration, change management, and communication skills to effectively share security strategies with stakeholders at all levels.
- Certifications such as CISSP, CCSP, CompTIA Security+, AWS Security Specialty, or AWS Solutions Architect Professional (or GCP equivalents).
- Experience managing and securing Google Workspace.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search