We are seeking an experienced and proactive DevSecOps Engineer to join our Cybersecurity Application Platform Security Team to secure our Geographic Information Systems (GIS) applications as a part of large business transformation effort – Elevate. The ideal candidate will have hands-on experience with cybersecurity platforms, with a deep understanding of cloud security (especially AWS), strong experience with DevSecOps practices, and an understanding of GIS applications to operate the environment securely, enhance security posture, secure CI/CD pipelines and continuously bake-in security and compliance
Key Responsibilities:
Work with Elevate (GIS) teams to bake-in security controls part of design and implement secure AWS architectures for GIS applications
Provide security best practices for implementing COTS software such as ArcGIS in AWS.
Implement and maintain robust security measures & DevSecOps Framework (SHIELD) throughout every phase of development, from planning to deployment and maintenance across CI/CD pipeline. (‘Secure by design’, ‘Secure by default’)
Implement security policy-as-code (PaC) & Compliance-as-Code (CaC) and integrates continuous security testing within CI/CD pipelines
Report on DevSecOps specific security metrics, KPIs, KRIs to track progress and demonstrate the value of security investments aligning with IT, Cyber L1, L2s.
Partner with SIOC team to perform code reviews and static analysis to identify security vulnerabilities
Validate Identity and Access Management (IAM) policies and roles
Secure data at rest and in transit using AWS encryption services
Work with stakeholders to implement network security measures, including VPCs, security groups, and NACLs
Stay updated on emerging threats, vulnerabilities, and security trends related to AWS, Azure and DevSecOps practices.
Promote cybersecurity awareness among developers and stakeholders.
Foster a security-first mindset across Elevate application platform teams, promoting shared responsibility for cybersecurity (lead by cyber, owned by all).
Qualifications:
Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).
5+ years of experience in IT security, with at least 3 years focused on DevSecOps, DevOps or Security Engineering roles
Extensive hands-on experience with AWS services and security best practices
Strong understanding of GIS applications (ArcGIS) and their security requirements
Proficiency in scripting languages such as Python, Bash, or Ruby
Experience with CI/CD tools (e.g., Jenkins, GitLab CI, or AWS CodePipeline)
Knowledge of container technologies and orchestration platforms (e.g., Docker, Kubernetes)
Familiarity with infrastructure-as-code tools (e.g., Terraform, CloudFormation)
Understanding of security standards and frameworks (e.g., NIST CSF)
Excellent communication and collaboration skills
Familiarity with the shared responsibility model in cloud environments (AWS, Azure) and hybrid cloud deployments.
CISSP, CISM, or DevSecOps-specific credentials are a plus.
Strong analytical and problem-solving skills with excellent communication and teamwork abilities.
Preferred Technical Skills:
Experience with scripting languages (e.g., Python, PowerShell) for automation of security tasks.
Knowledge of container security (Docker, Kubernetes)
Familiarity with secure software development lifecycle (SDLC) practices.
Soft Skills
Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.
Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.
Preferred Qualifications:
Relevant security certifications (e.g., AWS Certified Security - Specialty, CISSP, CEH)
Experience with GIS-specific security challenges and solutions
Knowledge of multi-cloud and hybrid cloud security architectures
Familiarity with compliance requirements in the GIS industry
The ideal candidate will be passionate about security, have a proactive mindset, and be able to balance security requirements with business needs. They should be comfortable working in a fast-paced environment and be able to adapt to evolving security threats and technologies
Salary Range
$63.58 - $100.38 USD (Hourly)- Please note that the salary information provided herein is base pay only (gross); it does not include other forms of compensation which may or may not apply to this specific position, namely, performance-based bonuses, benefits-related payments, or other general incentives - none of which are guaranteed, may be subject to specific eligibility requirements, and are wholly within the discretion of Astreya to remit.
- Further, the salary information noted above is a range that consists of a minimum and maximum rate of pay for this specific position. Where an applicant or employee is placed on this range will depend and be contingent on objective, documented work-related considerations like education, experience, certifications, licenses, preferred qualifications, among other factors.
Astreya offers comprehensive benefits to all Regular, Full-Time Employees, including:
Medical provided through Cigna (PPO, HSA, EPO options) / Medical provided through Kaiser (HMO option only) for California employees only
Dental provided through Cigna (DPPO & DHMO options)
Nationwide Vision provided through VSP
Flexible Spending Account for Health & Dependent Care
Pre-Tax Account for Commuter Benefit/Parking & Transit (location-specific)
Continuing Education and Professional Development via various integrated platforms, e.g. Udemy and Coursera
Corporate Wellness Program
Employee Assistance Program
Wellness Days
401k Plan
Basic Life, Accidental Life, Supplemental Life Insurance
Short Term & Long Term Disability
Critical Illness, Critical Hospital, and Voluntary Accident Insurance
Tuition Reimbursement (available 6 months after start date, capped)
Paid Time Off (accrued and prorated, maximum of 120 hours annually)
Paid Holidays
Any other statutory leaves, paid time, or other fringe benefits required under state and federal law
.png)
