DevSecOps / Cloud Security Engineer

Purple Drive
Quincy, MA

Job Title: DevSecOps / Cloud Security Engineer

Location: North Quincy, Massachusetts
Experience Required: 3-7+ Years

Position Overview

We are seeking a hands-on DevSecOps / Cloud Security Engineer to embed security across the Software Development Lifecycle (SDLC), CI/CD pipelines, and cloud-native environments.

This role will focus on securing applications, automating security controls, hardening cloud infrastructure, and ensuring compliance with industry security frameworks. The ideal candidate combines strong scripting capabilities with deep expertise in container security, cloud security, and DevSecOps automation.

Key Responsibilities

1. Secure SDLC & Application Security

  • Embed security controls across all SDLC phases.

  • Conduct threat modeling, secure code reviews, and risk assessments.

  • Implement and manage SAST, DAST, and SCA tools.

  • Promote secure coding practices aligned with OWASP standards.

2. CI/CD Pipeline Security

  • Build and maintain secure CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, Azure DevOps).

  • Automate security scans and policy enforcement within pipelines.

  • Integrate secrets management and environment hardening practices.

3. Cloud & Infrastructure Security

  • Conduct Infrastructure as Code (IaC) security reviews using Terraform, CloudFormation, ARM, or Pulumi.

  • Enforce security best practices across AWS, Azure, or GCP.

  • Deploy and manage cloud-native security tools such as AWS GuardDuty, Azure Defender, or GCP Security Command Center.

4. Container & Kubernetes Security

  • Build and scan secure container images using tools like Trivy, Aqua, Clair, or Prisma Cloud.

  • Implement Kubernetes hardening controls (RBAC, network policies, pod security standards).

  • Monitor and remediate cluster security posture and vulnerabilities.

5. Security Automation & Tooling

  • Develop automation scripts and playbooks using Python, Go, Bash, or PowerShell.

  • Integrate SIEM/SOAR platforms into CI/CD workflows.

  • Automate vulnerability management and remediation processes.

6. Compliance & Governance

  • Support compliance with frameworks including:

    • NIST

    • ISO 27001

    • SOC 2

    • PCI-DSS

  • Implement policy-as-code using OPA, Conftest, or cloud-native policy engines.

  • Produce audit-ready documentation and reporting artifacts.

7. Monitoring & Incident Response

  • Integrate security telemetry into pipelines and cloud environments.

  • Triage and respond to security incidents related to CI/CD and cloud workloads.

  • Conduct root cause analysis and implement preventive controls.

Required Skills & Qualifications

  • 3-7+ years of experience in Cybersecurity, DevSecOps, or Cloud Security.

  • Strong scripting/programming skills (Python, Go, Bash, PowerShell).

  • Hands-on experience with CI/CD automation and security tooling.

  • Strong understanding of OWASP Top 10, CWE, and CVE vulnerabilities.

  • Experience with containers and Kubernetes security.

  • Knowledge of microservices architectures and distributed systems.

  • Understanding of cloud networking, IAM, secrets management, and encryption.

Preferred Qualifications

Certifications:
CISSP, CISM, CCSP, AWS/Azure Security Specialty, GIAC, or DevSecOps certifications.

Nice-to-Have Experience:

  • Zero Trust architectures

  • Supply chain security (SBOMs, Sigstore, Cosign)

  • Observability and infrastructure monitoring

  • Serverless security

  • Automated compliance frameworks

Core Competencies

DevSecOps | CI/CD Security | Kubernetes Security | Cloud Security | Infrastructure as Code | SAST/DAST/SCA | Security Automation | Policy-as-Code | Compliance Frameworks

Posted 2026-02-27
