DevSecOps Engineer (AWS) | Full Tiime | Remote | US Only

Posted 2026-05-05
Remote, USA Full-time Immediate Start

We’re Hiring: Senior DevSecOps Engineer (AWS) – Remote

If you’re the kind of engineer who
thinks like an attacker, builds like an architect, and executes like an operator
, this role is worth your attention.

We’re looking for a
hands-on Senior DevSecOps Engineer
to own and evolve the security posture of an AWS-based platform in the healthcare space—where
security, reliability, and real-world impact
matter.

    What makes this role compelling:
  • You’ll
    • own security end-to-end(not just advisory)
  • Work on a
    • live production platformwith real users and real risk
  • Build
    • secure-by-default pipelines(SAST, DAST, SCA, secrets, container scanning)
  • Drive
    • cloud security architecture across AWS(IAM, KMS, GuardDuty, Security Hub)
  • Lead
    • threat detection + incident response strategy
  • Influence
    • SOC 2 readiness and policy-as-code implementation
    What we’re looking for:
  • 5+ years in
    • DevSecOps / Cloud Security (AWS)
  • Deep experience with
    • CI/CD security + automation
  • Strong foundation in
    • Terraform, Docker, and AWS services
  • Experience with
    • SIEM, logging, and incident response
  • Someone who
    • doesn’t wait to be told—sees gaps and fixes them
    What success looks like:
  • Security embedded directly into pipelines
  • No hardcoded secrets—ever
  • Full visibility across logs, events, and threats
  • Vulnerabilities prioritized and remediated fast
  • A platform that’s both
    • secure and scalable
    ✨Who you are:You’re proactive, pragmatic, and calm under pressure. You cantranslate security into business impactand drive decisions that matter.Required Qualifications
  • 5+ years in DevOps, Cloud Engineering, or Security Engineering, with a minimum of 5 years in a security-focused DevSecOps or Cloud Security role.
  • Demonstrated hands-on experience with: EC2, RDS (Aurora), S3, VPC, IAM, KMS, Secrets Manager, CloudTrail, GuardDuty, Security Hub, AWS Config, WAF, Systems Manager, and Lambda.
  • Proven implementation of SAST, DAST, SCA, secret scanning, and container image scanning gated within CI/CD pipelines (GitHub Actions, GitLab CI, or equivalent).
  • Experience writing and securing Terraform at production scale. Familiarity with tfsec, Checkov, or Sentinel for policy enforcement.
  • Experience hardening Docker images, scanning with Trivy or Grype, and managing ECR lifecycle policies. Experience with ECS/EKS security configurations (task role least-privilege, network policy, runtime security).
  • Hands-on experience with AWS Secrets Manager and/or HashiCorp Vault including automated rotation and zero-plaintext-credential enforcement.
  • Experience configuring GuardDuty, CloudTrail, and Security Hub. Ability to write detection rules/queries in a SIEM environment.
  • Experience operating a vulnerability scanning program (Amazon Inspector, Tenable, Qualys) with SLA-based remediation tracking.
  • Proficient in Python and Bash for automation. Ability to independently write Lambda functions, CLI tooling, and operational scripts.
  • Experience leading or co-leading security incident response in a cloud environment, including evidence preservation and post-incident reporting.
  • Proven experience in customer-facing Technical Program Management, including end-to-end ownership of SaaS platform delivery and operations from a DevSecOps perspective.
    Preferred Qualifications
  • Certifications (strongly preferred).
    • AWS Security Specialty (SCS-C02), AWS Solutions Architect Associate/Professional, GIAC Cloud Security Essentials (GCLD), GIAC Public Cloud Pentester (GPCS), OSCP, or equivalent offensive/defensive cloud certification.
  • Experience deploying or operating SaaS Security Posture Management tooling (Obsidian, AppOmni, Valence, Reco).
  • Experience with AWS API Gateway security controls, OAuth 2.0 / OIDC hardening, and automated API security testing (42Crunch, Spectral, OWASP ZAP).
  • Experience with OPA/Rego, Terraform Sentinel, or AWS Service Control Policies for automated policy enforcement.
  • Experience writing correlation rules, detection logic, and dashboards in Splunk, Elastic, or Datadog SIEM.
  • Experience generating and managing SBOMs (CycloneDX/SPDX), SLSA framework implementation, or Sigstore/Cosign artifact signing.
  • Familiarity with CIS Controls, NIST CSF, SOC 2 Type II, or NIST 800-53. Experience supporting external audit
Apply Now

Similar Jobs

Recent Jobs

Azure Automation Engineer- Only on w2
Sr. Platform Engineer (Kubernetes & Compliance, Hybrid), to 260k - FS Poly
Site Reliability Engineer-Remote (PST hours)
System Administrator (remote job, LATAM)
Linux Engineer/bare metal/Kubernetes
System Administrator I – Practice IT
System Administrator (Practice IT)
HelpDesk Technician- Second Shift
Senior Security Engineer (Privacy + Compliance) - Remote - USA
Cybersecurity Vulnerability Analyst I (REMOTE)

You May Also Like

Remote Data Entry Clerk – Flexible Work From Home Position | Part-Time & Full-Time Opportunities Available
Part-Time Data Entry Assistant – Remote Academic Research Support Specialist
Remote Data Entry Specialist – Database Management & Accuracy Excellence at arenaflex | $30/Hour | Fully Remote Position
**Experienced Customer Service Representative – Remote Work Opportunity with arenaflex**
Entry Level Investment Operations Specialist – Remote Trade Processing & Reconciliation Role (Work From Home)
Senior Account Manager, Foodservice & Non-traditional channels
**Experienced Customer Service Representative – Remote Opportunity at arenaflex**
Design Assistant job at lululemon athletica in ...
**Data Entry Clerk - Medical Billing Specialist at arenaflex**
**Remote Chat Support Specialist – Part-Time Entry Level Customer Service Representative**
Back to Job Board