Senior DevSecOps Cloud Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

HK Tech · 13 hours ago

Senior DevSecOps Cloud Engineer

positionSalt Lake City, UT
timeFull-time
remoteHybrid
senioritySenior Level

HK Tech is seeking a qualified DevSecOps Cloud Engineer to provide cloud engineering, DevSecOps automation, and security integration services. The role involves supporting modernization initiatives, improving cloud security posture, and implementing DevSecOps best practices across AWS and GCP environments.

ConstructionConsultingInformation Technology
badNo H1Bnote

Responsibilities

Collaborating with technical leadership and internal development teams
Providing recommendations for process improvements or tooling
Delivering qualified DevSecOps engineering expertise
Operating with minimal supervision
Adhering to Client security, architectural, and compliance standards
Completing required security, background, and drug screening checks
Complying with confidentiality provisions related to regulated and sensitive data
Deploying and administering application hosting solutions across Windows and Linux servers, containers, databases, and file storage
Working with development teams to implement best practices for application hosting and deployment pipelines
Enabling DevSecOps pipeline functions such as security gates, CI/CD, testing, and monitoring
Optimizing and automating infrastructure using tools such as Terraform, Ansible, GitHub Actions, and scripting
Building interfaces and APIs that support infrastructure usage by development teams

Qualification

AWSGCPDevSecOpsInfrastructure as CodeTerraformAnsibleCI/CD pipelinesDockerKubernetesSecurity complianceSoft skills

Required

Expert-level DevSecOps and cloud engineering services across cloud, application, and infrastructure ecosystems
Design, implement, and optimize secure cloud architectures in AWS and GCP
Conduct IAM reviews and implement least-privilege access models
Harden identity boundaries and access controls
Implement and configure cloud-native security services, including AWS GuardDuty, Config, CloudTrail, Security Hub, GCP Security Command Center, Cloud Armor, Cloud Logging & Monitoring
Ensure encryption of data at rest and in transit
Manage encryption key lifecycle using AWS KMS and GCP Cloud KMS
Design, build, and maintain CI/CD pipelines with integrated security controls
Implement automated security testing, including SAST, DAST, and SCA
Embed security gates into DevOps workflows (e.g., GitHub Actions, Jenkins, GitLab)
Integrate and manage secrets using AWS Secrets Manager, GCP Secret Manager, 1Password or equivalent enterprise solutions
Develop and maintain Infrastructure as Code using Terraform, Ansible, AWS CloudFormation
Implement Policy-as-Code using tools such as OPA Gatekeeper, Terraform Sentinel
Automate provisioning and deployment of cloud networking, compute, storage, and security resources
Support Docker- and Kubernetes-based workloads and containerized applications
Implement container and cluster hardening, including Pod Security Standards, RBAC tightening, secure image and runtime configurations
Integrate vulnerability management and scanning solutions (e.g., RiskSense or equivalent)
Configure service mesh or zero-trust networking models where applicable
Configure and integrate monitoring and observability tooling, including Zabbix, Prometheus, Grafana, AWS CloudWatch, GCP Cloud Logging & Monitoring
Build dashboards and alerts for performance, security events, and compliance tracking
Support incident response activities, including threat analysis and root-cause investigations
Support compliance efforts aligned with applicable frameworks, including NIST, SOC 2, ISO 27001, FedRAMP (if applicable)
Automate audit evidence collection where feasible
Implement governance guardrails, tagging standards, and cloud account controls
Provide complete and accurate documentation, including architecture diagrams, environment and source code documentation, deployment and configuration instructions, operational support documentation
Cross-train designated Client staff on tools and software used, systems and environments, development processes and methodologies, application support and maintenance procedures
Collaborate with technical leadership and internal development teams
Provide recommendations for process improvements or tooling
Deliver qualified DevSecOps engineering expertise
Operate with minimal supervision
Adhere to Client security, architectural, and compliance standards
Complete required security, background, and drug screening checks
Comply with confidentiality provisions related to regulated and sensitive data
Deploy and administer application hosting solutions across Windows and Linux servers, containers, databases, and file storage
Work with development teams to implement best practices for application hosting and deployment pipelines
Enable DevSecOps pipeline functions such as security gates, CI/CD, testing, and monitoring
Optimize and automate infrastructure using tools such as Terraform, Ansible, GitHub Actions, and scripting
Build interfaces and APIs that support infrastructure usage by development teams
Must reside around Salt Lake City
Authorization to work in the U.S. without sponsorship, now or in the future

Company

HK Tech

twittertwittertwitter
company-logo
Great technology starts with great people.
dateFounded in 2003
location
Draper, Utah, USA
people-size51-200 employees
web-link
https://www.hkconsulting.biz

Funding

Current Stage
Growth Stage

Leadership Team

leader-logo
Amanda Byrd
Director of Strategic Partnerships
linkedin
Company data provided by crunchbase