DevSecOps Engineer

Posted Mar 10

We're looking for an experienced and enthusiastic DevSecOps Engineerwith a focus on AWS to join our consulting team. Want to help our client’s build awesome solutions to accomplish their goals and vision? Are you interested in working from home with some of the best talent on the planet? Then keep reading.

About You

You have experience in analyzing existing DevOps systems from a security and best practices perspective and proposing recommendations for improvements. Your background will include experience with networking (Windows and Linux) and web hosting and how this translates to the cloud and Infrastructure as Code. Your focus will be on Amazon Web Service systems. You’ll have experience with multi-account AWS infrastructure and good governance mechanisms. You have expert knowledge of IAM, hybrid on-premises and cloud systems, and how AWS native security solutions (GuardDuty, SecurityHub, Macie.) factor into the mix. You have an interest in securely provisioning these services and applications that run in AWS through automation.

You’ll be familiar with concepts such as OWASP Top 10 and MITRE ATT&CK. You understand DevOps processes and how infrastructure as code can be used to build out cloud systems. You know what Terraform, CloudFormation and Azure Resource Manager templates are. Your background may have included working as one or more of: a security analyst, Blue Team, DevOps Engineer, System Administrator or architecting secure multi-cloud systems in the past.

You know what Jenkins and CircleCI are. You may have used Ansible, Puppet or Chef. You’re familiar with GitHub and GitLab native security pipeline tooling. You’ll understand concepts around DevSecOps pipelines including static analysis, secret scanning and container vulnerability scanning. You augment your knowledge of cloud systems by using tools such as ScoutSuite for infrastructure and vulnerability detection.

You’ll be familiar with building pipelines that include tools such as Veracode, Blackduck, SonarQube and git-secrets. You understand how linting, unit tests and code coverage fit into a DevOps pipeline . You’ll also be familiar with cloud-native DevOps and security options. As well as being AWS focused you’ll be a generalist when it comes to information security. You attend conferences, and even better talk/volunteer/help organize them. You enjoy CTF challenges, reading or listening to podcasts on the subject. You are happy presenting to clients including senior management and have good written skills for compiling findings and recommendations reports.

Finally, you have a passion for learning. You won’t mind expanding your skill set, and getting some exposure to Azure and GCP, especially to help understand how these factor into multi-cloud DevOps solutions

Having overlap with your team is critical when working in a global remote team. Modus requires all team members to overlap with EST morning hours daily. In addition, reliable high speed internet is a must.

[In reference to requisitions 682,1445]

Things You Might Do

Modus is a fast-growing, and remote-first company, so you'll likely get experience on many different projects across the organization. That said, here are some things you'll probably do:

Give back to the community via open source and blog posts
Travel and meet great people- as part of our remote-first lifestyle, it's important that we come together as needed to work together, meet each other in person and have fun together. Please keep that in mind when you apply.
Teach and be taught: Modus creates active teams that work in internal and external projects together, giving opportunities to stay relevant with the latest technologies and learning from experts worldwide
Interact directly with internal and external clients to represent Modus and its values

Why Modus Create:

Our Benefits may vary according to the Country you are located in, so please reach out to our recruiter in case you have any questions.

If you live in Costa Rica and you become a full time employee at our office we offer: