DevSecOps Consultant
Presupuesto: -
HOURLY / FULL_TIME
⭐ 4.95 (79)
Canada
cloud-security
Description:
Deploy and configure production security tools and services to monitor and protect cloud workloads, networks, containers, and endpoints across AWS and Azure
Design, implement, and manage cloud security architecture including IAM, network segmentation, security groups, and firewall policies
Implement and manage Infrastructure as Code (IaC) security scanning (Terraform, CloudFormation, ARM templates) to catch misconfigurations before deployment
Own cloud security posture management (CSPM) and workload protection across multi cloud environments
Review and enhance rules and policies for security devices and SaaS platforms such as WAF, DLP, IDS, IPS, Firewalls, EDR, and CASB
Manage container and Kubernetes platform security, including image hardening, admission controls, and runtime protection
Design and manage secrets management, key rotation, and secure credential handling across cloud environments
Apply Zero Trust principles across cloud infrastructure, workload identity, and service to service communication
Working knowledge of SASE, ZTNA, PAM, and XDR technologies and their application in cloud and hybrid environments
Implement and administer SD-WAN, Site to Site, and Multi Cloud Network connectivity
Basic exposure to embedding security checks into CI/CD pipelines is helpful but not a core focus of the role
Perform SecOps and cloud security maturity gap assessments, determine risks, and recommend mitigation actions
Investigate, document, and report on infrastructure and platform security issues and emerging trends
Hands on administration and hardening of Linux and Windows based OS and cloud native infrastructure
Requirements:
Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience)
A minimum of 4 years of professional experience in cloud security, platform engineering, or infrastructure security
Hands on experience with cloud native security on AWS and/or Azure, including IAM, network security, and workload protection
Experience with CSPM and cloud workload protection tools
Proficiency with IaC (Terraform, CloudFormation, ARM templates) and IaC security scanning
Proficiency in IPSec, SSL VPN, Sandboxing, Proxy, NAT, syslog, DNS, and NAC
Strong scripting ability (Python, Bash, or similar) to automate security checks and platform tooling
Strong knowledge in networking and operating systems such as Linux/Unix/Windows
Familiarity with OWASP Top 10 and SANS Top 25 is a plus but not the primary focus
Industry relevant certifications such as CISSP, AWS Security, Azure Security, CCSP are a plus
Strong understanding of ITIL processes
Abrir en Upwork