Senior DevSecOps / Compliance Engineer
DevOps/SecOps
Remote
Permanent / Full Time
Title: Senior DevSecOps Engineer
Start Date: Immediate
Position Type: Full Time
Location: Canada / Remote (on-site as required for customer/team meetings)
Time zone: EST
Job Description:
As an experienced Azure / DevSecOps Engineer, you will be responsible to lead the design, implementation, and management of Azure policies, infrastructure automation, and CI/CD pipelines. The ideal candidate will have a strong background in Azure Cloud, Terraform, and Azure DevOps. This role is key in ensuring compliance, governance, and best practices within our Azure environment while automating infrastructure provisioning and streamlining the CI/CD process.
Roles and Responsibilities:
- Azure Policy Management: Design, implement, and manage Azure policies through Terraform and CICD, to enforce security, compliance, and governance across the cloud infrastructure.
- Terraform Development: Develop, manage, and maintain Terraform modules for infrastructure automation, ensuring reusable and scalable code to manage Azure resources, such as compute, networking, storage, security and policies.
- CI/CD Pipeline Development: Build and manage robust multi-stage CI/CD pipelines in Azure DevOps, automating infrastructure provisioning, build, test, and deployment processes.
- Ensure proper integration of Terraform into the CI/CD workflows, automating infrastructure changes, configurations and deployments as part of the pipeline.
- Collaborate with development, operations, and security teams to ensure policies and automation are integrated throughout the development lifecycle.
- Implement best practices for version control, code reviews, and continuous integration of Terraform scripts and CI/CD pipelines.
- WIZ Expertise: Manage WIZ, a cloud security platform, to detect and manage security vulnerabilities, ensure compliance, and mitigate risks across Azure environments.
- Utilize WIZ to perform security assessments and provide recommendations for improving the security posture of cloud infrastructure.
- Collaborate with security teams to monitor and address vulnerabilities using WIZ's advanced security scanning and automation tools.
- Monitor Azure environments to ensure compliance with policies, identifying opportunities for policy updates and improvements.
- Troubleshoot and resolve issues related to infrastructure, policy enforcement, and CI/CD automation.
- Azure Cloud: Extensive experience with Azure services, architecture, and cloud governance best practices.
- Azure Policy Management: Proven expertise in designing, implementing, and managing Azure policies w/Terraform and CICD, to ensure compliance and governance.
- WIZ Cloud Security Platform: Experience in using WIZ for cloud security monitoring, vulnerability management, and compliance checks in Azure environments.
- Strong understanding of cloud security, vulnerability scanning, risk mitigation, and incident response using WIZ.
- Terraform Development:
- Expert in developing and maintaining Terraform modules for automated infrastructure provisioning, covering Azure resources such as virtual machines, networks, and storage, security and policies.
- Experience in managing Terraform state and using Terraform Cloud or Terraform Enterprise for collaboration.
- Writing clean, modular, and well-documented Terraform code.
- CI/CD Development with Azure DevOps:
- Expertise in building and managing CI/CD pipelines using Azure DevOps to automate both infrastructure and application deployments.
- Strong experience in integrating Terraform into CI/CD workflows, automating infrastructure changes within the pipeline.
- Proven ability to implement automation for build, test, and deployment processes.
- Experience with scripting and automation tools (e.g., PowerShell, Python, Bash) to streamline workflows and integrate automation.
- Version Control: Proficiency with Git and best practices for version control, including branching strategies, versioning, and collaboration.
- Knowledge of cloud security, networking, and governance principles.