DevSecOps Consultant (Int'l Remote)

10+ years of coding experience in Python, with a strong understanding of secure coding principles. Extensive experience with CI/CD tools such as Jenkins, GitLab CI/CD, Azure DevOps, AWS CodePipeline, or CircleCI. Strong background in cloud security (AWS, Azure, GCP) and Infrastructure as Code (IaC) tools like Terraform or Ansible. Experience with containerization and orchestration (Docker, Kubernetes) and their security implications. Deep knowledge of security tools and practices, including SAST, DAST, and security monitoring solutions. Strong understanding of DevOps methodologies, microservices architecture, and cloud-native application security. Experience implementing Zero Trust Architecture and security automation. Hands-on experience with log management and SIEM tools for security monitoring. Excellent problem-solving, communication, and client-facing skills.

Embed security into DevOps processes, ensuring secure software development practices. Design, implement, and optimize CI/CD pipelines with security as a core component. Develop security automation scripts and tools using Python. Identify security threats and vulnerabilities within the SDLC and propose risk mitigation strategies. Implement and configure security tools such as SAST, DAST, SCA, and container security solutions. Conduct security code reviews and provide guidance on secure coding practices. Work closely with development, operations, and security teams to establish DevSecOps culture and provide security training. Ensure adherence to industry security frameworks, compliance requirements, and best practices (e.g., OWASP, NIST, ISO 27001). Assist in security incident response, forensics, and remediation within DevOps environments.