We are seeking a DevOps Engineer with a strong emphasis on security and compliance to ensure our cloud infrastructure meets regulatory standards such as CCPA and SOC 2. The ideal candidate will be skilled in managing cloud environments (AWS), implementing robust security measures, and collaborating cross-functionally to maintain a secure and scalable cloud architecture.
 

Benefits and Compensation:

• Competitive salary (based on experience and qualifications)

• Permanent Work-From-Home position

• Quarterly Bonus

• Annual Performance Bonus

• Paid Time Off

Key Responsibilities:

• Design, maintain, and optimize a secure AWS cloud infrastructure; implement security monitoring tools and align with regulatory requirements.

Compliance Assurance:

• Ensure adherence to CCPA, SOC 2, and related frameworks; conduct audits and close compliance gaps; document security controls and processes.

Cloudflare Security Integration:

• Implement Cloudflare WAF, DDoS protection, and zero-trust access; manage DNS and load balancing for optimal reliability.

Server Hardening & Patch Management:

• Harden Linux and Windows environments; manage and apply security patches proactively.

Database Security & Encryption:

• Implement encryption for data at rest and in transit; configure access controls and auditing mechanisms for Microsoft SQL Server (on-prem and AWS RDS).

Third-Party Integration & Compliance:

• Assess and validate third-party tools and integrations (e.g. Vonage, SendGrid) for security alignment and compliance.

Continuous Monitoring & Incident Response:

• Establish monitoring systems; create and test incident response plans; utilize Wazuh SIEM or similar tools; coordinate with MSPs on vulnerability management.

Documentation & Reporting:

• Maintain detailed documentation to support audits and regulatory reviews; generate compliance reports.

Software Development & OWASP Security:

• Deploy environments using Linux, Windows, .NET, JavaScript, C#, and Docker; implement CI/CD processes; integrate OWASP best practices into SDLC; conduct security assessments and code reviews.

Working Hours:

Must be available to work full-time hours and coordinate effectively with distributed team members.

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field (preferred)

• Minimum of 4 years' experience in DevOps or related roles, with focus on security and compliance

• Proficiency with AWS services: EC2, S3, RDS, IAM, WAF

• Strong understanding of security principles, best practices, and regulatory requirements

• Experience with scripting languages: .NET, JavaScript, C#, and automation tools

• Excellent communication and collaboration skills