DevOps Engineer Job at GTN Technical Staffing, Houston, TX

bzZOTnZrU2lWSHFWQkdFUysramY1NDdraWc9PQ==
  • GTN Technical Staffing
  • Houston, TX

Job Description

Long Term contract with chance to convert

REMOTE OPENING

Position Overview:

We are looking for a Senior DevSecOps Engineer to lead the integration of security across our entire software development lifecycle. As a senior member of the team, you will drive strategy, set standards, and implement robust, scalable security practices that ensure our development, infrastructure, and operations remain secure and compliant.

You will work closely with engineering, architecture, cloud, and security teams to implement secure-by-default solutions, build developer guardrails, and lead architecture security assessments (ASA) for mission-critical systems. This role demands deep technical expertise, strategic thinking, strong communication skills, and the ability to influence secure design and delivery at scale.

Key Responsibilities:

Strategic & Leadership Responsibilities

  • Define and champion the DevSecOps strategy and roadmap to align security with development velocity.
  • Mentor and guide engineers across Dev, Sec, and Ops on secure design, automation, and risk-based decision-making.
  • Lead threat modeling and architectural risk assessments for new products and major changes.
  • Establish metrics and KPIs for DevSecOps success and drive continuous improvement.

Core Technical Responsibilities

  • Shift Left Security: Embed security controls and tools into early-stage development workflows (IDE, code review, pre-commit hooks).
  • CI/CD Security Automation: Integrate security scanning (SAST, DAST, SCA) directly into CI/CD pipelines using tools like GitHub Actions, GitLab CI, or Jenkins.
  • Infrastructure as Code (IaC): Harden cloud infrastructure via IaC (Terraform, CloudFormation), with automated policy enforcement.
  • Security Testing: Implement and manage static and dynamic analysis tools to ensure secure code across repositories and services.
  • Policy as Code: Define and enforce organizational security policies using frameworks like OPA (Open Policy Agent), Sentinel, or custom rulesets.
  • Automated Security: Build automated pipelines for vulnerability scanning, compliance checks, and secret detection.
  • Continuous Monitoring & Logging: Deploy monitoring solutions for real-time threat detection (e.g., GuardDuty, CloudTrail, SIEM tools).
  • Architecture Diagrams: Create and maintain high-quality architecture and security diagrams for all commercial software platforms and systems.
  • Guardrails & Governance: Develop developer-facing security guardrails, including pre-approved patterns and automated feedback mechanisms.
  • Architecture Security Assessments (ASA): Lead ASA reviews for all significant changes, ensuring secure-by-design implementation.
  • Threat Modeling: Drive proactive threat modeling exercises across products and platforms.

Operational Security Focus

  • Web Application Firewalls (WAF): Design and maintain WAF rules and architecture (e.g., AWS WAF, Cloudflare).
  • API Gateway Security: Secure APIs at the gateway level with authentication, rate limiting, and input validation (e.g., AWS API Gateway, Kong, Apigee).
  • Inline Source Code Scanning: Integrate IDE plugins or Git hooks to scan code in real time and reduce feedback cycles.

Required Qualifications:

  • 6+ years of hands-on experience in DevSecOps, Application Security, or Cloud Security engineering roles.
  • Deep understanding of secure software development, DevOps principles, and cloud-native architectures.
  • Proven experience with CI/CD tools and security automation.
  • Strong scripting and development skills in languages such as Python, Go, or Bash.
  • Experience designing and operating secure cloud environments (AWS, Azure, GCP).
  • Proficiency with IaC and configuration management tools (Terraform, Ansible, CloudFormation).
  • Strong knowledge of container security and orchestration tools (e.g., Kubernetes, Docker, Helm).
  • Demonstrated experience with enterprise security tooling for scanning, monitoring, and policy enforcement.
  • Skilled in creating detailed technical diagrams, security artifacts, and documentation.
  • Strong written and verbal communication skills to influence engineering and leadership teams.

Preferred Qualifications:

  • Industry certifications: CISSP, CSSLP, OSCP, GCP/AWS/Azure Security Specialist, or equivalent.
  • Experience with policy-as-code frameworks (OPA/Rego, HashiCorp Sentinel).
  • Hands-on experience with secrets management solutions (e.g., Vault, AWS Secrets Manager).
  • Familiarity with regulatory and compliance standards (SOC 2, ISO 27001, HIPAA, PCI-DSS).
  • Previous experience conducting red team/blue/purple team exercises or penetration testing or equivalent.

Job Tags

Contract work, Remote job, Shift work,

Similar Jobs

Enterprise Medical Recruiting

Physician / Wound Care / Arkansas / Permanent / Wound Care/Hyperbaric Opening in Arkansas - No nights, weekends, or call Job Job at Enterprise Medical Recruiting

An established Hyperbaric and Wound Care Center in Rogers, Arkansas, is seeking a full-time Physician to step into a Medical Director role. This is an excellent opportunity to lead a dedicated wound care and hyperbari

Korpack

Corporate Trainer Job at Korpack

 ...succeed together. Failure is not an option. The Requirements: ~2-4 years of prior experience in a training role, preferably in a corporate or manufacturing setting. ~ Proven track record of developing and delivering engaging training programs. ~ Strong... 

Headway

Licensed Clinical Social Worker (Virtual) Job at Headway

 ...clients you see through Headway, so that you can set the hours that work for you. Grow your caseload by providing marketing support and...  ...patients in-person or remotely via telehealth while working from home. We accept the following licenses on a state by state basis:... 

Altar'd State

Assistant Leader Job at Altar'd State

 ...Who Are We? Altard State is a rapidly growing womens fashion brand with 130+ locations in 40 states. It feels like a sanctuary...  ...meaningful ways to those in need. Position Overview The Assistant Store Leader leads and supports the Store Leader by directing... 

Global Lingo Ltd.

Project Manager (Chicago) Job at Global Lingo Ltd.

 ...USA Reporting to: Regional Operations Manager Type of employment: Full-time,...  ...Experience: 1+ years of experience in a project management environment The Role For...  ...language services. You will manage all Localization and Writing Services projects to a range...