Ozin Technologies - New Port Richey, FL
posted 5 days ago
Full-time - Mid Level
New Port Richey, FL
About the position
As a Senior Cloud Infrastructure & Security Engineer, you will integrate security practices within the DevOps lifecycle to ensure the continuous delivery of secure, scalable, and reliable software solutions. This role involves close collaboration with development and QA teams to automate and enhance security measures across all stages of the CI/CD pipeline.
Responsibilities
- Implement security controls and tools within CI/CD pipelines to detect and prevent vulnerabilities early in the software development lifecycle.
- Ensure security best practices are followed when deploying infrastructure through tools like Terraform, Ansible, and Kubernetes.
- Develop and maintain automated monitoring and alerting systems for security events, using tools such as Splunk, ELK stack, or Cloud-native services.
- Conduct vulnerability assessments, patch management, and remediation in cloud and on-prem environments.
- Collaborate with cross-functional teams to handle security incidents, investigate root causes, and implement corrective measures.
- Assist in maintaining security policies and ensuring compliance with standards like SOC 2 and NIST.
- Work with development and operations teams to integrate security requirements into DevOps workflows, promoting a DevSecOps culture.
- Evaluate, implement, and maintain security tools such as SAST/DAST, WAFs, container security, and identity management solutions (e.g., OAuth, SAML).
- Design and implement security measures for cloud platforms (AWS, Google Cloud Platform, Azure) including identity management, encryption, and access control.
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, IT Cloud or relevant field; with a minimum of six years of Cloud Infrastructure, DevOps or Cloud Security engineering experience is required.
- 4+ years of experience as a Security Engineer with a focus on DevOps practices.
- 4+ years of experience in cloud platforms (AWS, Google Cloud Platform, or Azure) and cloud security best practices.
- Experience with automation tools like Jenkins, GitLab CI, CircleCI, etc.
- 3+ years of experience in containerization and orchestration (Docker, Kubernetes).
- 3+ years of experience in using security tools and practices (SAST, DAST, vulnerability scanners, etc.).
- Experience with zero-trust architecture.
- Experience with IAM tools (Okta, AWS IAM).
Nice-to-haves
- Experience working with IoT, Digital or Web product management, preferably in a Platform application is a plus.
- Certifications such as CEH, or AWS Certified Security are a plus.
- Familiarity with microservices security (e.g., service mesh, API gateways).
