Design, implement, and maintain secure CI/CD pipelines using GitHub Actions, integrating vulnerability scanning tools such as (but not limited to) SonarQube, Snyk, and Trivy.
Manage Infrastructure as Code (IaC) using tools like Terraform, AWS CloudFormation, or AWS CDK.
Troubleshoot pipeline issues, including GitHub Runner errors and Docker containerization challenges.
Collaborate with developers to embed best practices into Node.js, Go, and .NET Core applications.
Design, deploy, and monitor microservices and serverless applications on AWS (ECS, EKS, Lambda).
Continuously research and evaluate emerging tools, frameworks, and best practices in DevSecOps, AI, observability, and cloud security to improve SDLC efficiency and robustness.
Build and maintain internal tools, libraries, or CLI utilities that enforce DevSecOps best practices across the SDLC (e.g., standardized CI/CD templates, secure deployment modules, IaC scaffolding).
Act as the maintainer of internal standards and lead initiatives to drive alignment across teams (e.g., SDLC playbooks, secure-by-default templates).
Ensure compliance with HIPAA, GDPR, and SOC 2 requirements in all DevSecOps practices.
Requirements
Programming & SDLC
2+ years hands-on experience with Node.js (TypeScript/JavaScript).
Proficiency in Go and .NET Core is a strong advantage.
Good understanding of SDLC, versioning, and branching strategies using GitHub.
DevOps & CI/CD
Advanced skills in GitHub Actions, including workflows and secrets management.
Familiarity with GitHub Runner debugging and basic CI/CD concepts.
Cloud & Infrastructure
In-depth experience with AWS services: IAM, VPC, CloudFormation, ECR.
Proficiency in Docker and container orchestration with Kubernetes, ECS.
Understanding of Cloud Architecture patterns.
Plus
Experience working with Kafka or similar message brokers.
Comfortable using AI tools (ChatGPT, Bard, GitHub Copilot) for productivity.