Staff Software Engineer - DevSecOps - AWS/Azure - Terraform/Ansible - CI/CD Pipelines
extreme network
Job Summary
We are seeking an experienced DevSecOps professional to lead and support enterprise security, compliance, and risk management initiatives. This role involves designing, implementing, and maintaining controls aligned with global compliance frameworks such as ISO 27001, SOC 2, and NIST 800-53. The ideal candidate will possess a deep understanding of security engineering principles, a strong compliance mindset, and a proven ability to drive cross-functional security programs. Key responsibilities include implementing and maintaining security controls, collaborating with auditors, developing automated monitoring tools, translating regulatory requirements into technical specifications, and performing gap assessments and risk analysis. A strong understanding of Kubernetes security, including RBAC, pod security policies, network policies, and secrets management, is also required.
Must Have
- 8+ years in information security/compliance engineering
- DevOps security practices, CI/CD integration
- ISO 27001, SOC 2, NIST SP 800-53 experience
- Cloud-native environments (AWS, Azure, GCP)
- Infrastructure-as-code (Terraform, Ansible)
- Access management, encryption, network security
- Lead technical initiatives, work cross-functionally
- Excellent written and verbal communication
Good to Have
- CISSP, CISA, CISM, ISO 27001 certifications
- Compliance automation platforms experience
- Experience in regulated industries
Job Description
Job Description:
Experience: 9-14 Years
DevSecOps to lead and support our enterprise security, compliance, and risk management initiatives. This individual will play a key role in designing, implementing, and maintaining controls aligned with global compliance frameworks including ISO 27001, SOC 2, and NIST 800-53. The ideal candidate has a deep understanding of security engineering principles, a strong compliance mindset, and a proven track record in driving cross-functional security programs.
Key Responsibilities:
• Follow established processes for the implementation and maintenance of security controls aligned with ISO 27001, SOC 2, and NIST 800-53.
• Collaborate with security leadership to ensure adherence to ISO 27001, SOC 2, and NIST 800-53 controls and procedures.
• Collaborate with internal and external auditors to support audits, evidence gathering, and remediation efforts.
• Develop and maintain automated security and compliance monitoring tools and dashboards.
• Translate regulatory requirements into technical requirements and integrate them into the SDLC (Secure Development Lifecycle).
• Execute tasks related to the implementation and upkeep of compliance controls under ISO 27001, SOC 2, and NIST 800-53 guidance.
• Conduct gap assessments and risk analysis; define and track remediation efforts to ensure compliance readiness.
• Strong hands-on experience and understanding of Kubernetes security, including RBAC, pod security policies, network policies, and secrets management.
Required Qualifications:
• 8+ years of experience in information security or compliance engineering roles.
• Practical experience with DevOps security practices, including integrating security controls into CI/CD pipelines (GitLab CI, Jenkins, GitHub Actions, etc.)
• Strong understanding and hands-on experience with ISO 27001, SOC 2 (Type I and II), and NIST SP 800-53.
• Experience working in cloud-native environments (AWS, Azure, or GCP) with secure configuration and governance controls.
• Familiarity with cloud-native security (AWS, GCP, or Azure), container orchestration, and infrastructure-as-code tools like Terraform, Helm, or Ansible.
• Solid knowledge of access management, encryption, logging/monitoring, and network security principles.
• Demonstrated ability to lead technical initiatives, work cross-functionally, and influence at all levels.
• Excellent written and verbal communication skills with experience writing policies and technical documentation.
Preferred Qualifications:
• Professional certifications such as CISSP, CISA, CISM, ISO 27001 Lead Implementer/Auditor, or AWS Security Specialty etc.
• Experience with compliance automation platforms.
• Background in regulated industries such as fintech, healthcare, or government.
15 Skills Required For This Role
Cross Functional
Communication
Risk Management
Github
Software Development Lifecycle Sdlc
Gitlab
Aws
Azure
Ansible
Terraform
Helm
Ci Cd
Kubernetes
Github Actions
Jenkins
Similar Jobs
Devops
Infrastructure Engineer
1 day ago
Senior Devops Engineer
1 day ago
Senior DevOps Engineer (AWS) - Contract
1 day ago
Associate Cloud Operations Engineer
1 day ago
Site Reliability Engineer (SRE) – Azure & SaaS Platforms
1 day ago
DevOps Engineer
1 day ago
Solution Architect - Cloud Infrastructure
1 day ago
SRE Software Engineer Intern - Global Payment - 2026 Start (BS/MS)
1 day ago
Senior Cloud Platform Engineer
1 day ago
Senior DevOps Engineer (4 to 7 years with Python scripting + AWS/AZURE)
1 day ago
Software Development & Engineering
Wireless Research Systems Engineer – 6G
1 day ago
Senior Machine Learning Engineer – Ads Signals Intelligence & Information Retrieval
1 day ago
Product Compliance Engineer - Systems
1 day ago
Senior Machine Learning Engineer – Ads Signals Intelligence and Information Retrieval
1 day ago
Senior Machine Learning Manager – Ads Predictions
1 day ago
Senior Staff Machine Learning Engineer – Ads Prediction, Signals & Quality
1 day ago
Machine Learning Engineer - Ads Relevance & Quality
1 day ago
Machine Learning Engineer – Ads Predictions
1 day ago
Senior D365 F&O Developer
1 day ago
Software Engineer III
1 day ago