DevOps Engineer Job at GTN Technical Staffing, Houston, TX

bzZOTnZrU2lWSHFWQkdFUysramY1NDdraWc9PQ==
  • GTN Technical Staffing
  • Houston, TX

Job Description

Long Term contract with chance to convert

REMOTE OPENING

Position Overview:

We are looking for a Senior DevSecOps Engineer to lead the integration of security across our entire software development lifecycle. As a senior member of the team, you will drive strategy, set standards, and implement robust, scalable security practices that ensure our development, infrastructure, and operations remain secure and compliant.

You will work closely with engineering, architecture, cloud, and security teams to implement secure-by-default solutions, build developer guardrails, and lead architecture security assessments (ASA) for mission-critical systems. This role demands deep technical expertise, strategic thinking, strong communication skills, and the ability to influence secure design and delivery at scale.

Key Responsibilities:

Strategic & Leadership Responsibilities

  • Define and champion the DevSecOps strategy and roadmap to align security with development velocity.
  • Mentor and guide engineers across Dev, Sec, and Ops on secure design, automation, and risk-based decision-making.
  • Lead threat modeling and architectural risk assessments for new products and major changes.
  • Establish metrics and KPIs for DevSecOps success and drive continuous improvement.

Core Technical Responsibilities

  • Shift Left Security: Embed security controls and tools into early-stage development workflows (IDE, code review, pre-commit hooks).
  • CI/CD Security Automation: Integrate security scanning (SAST, DAST, SCA) directly into CI/CD pipelines using tools like GitHub Actions, GitLab CI, or Jenkins.
  • Infrastructure as Code (IaC): Harden cloud infrastructure via IaC (Terraform, CloudFormation), with automated policy enforcement.
  • Security Testing: Implement and manage static and dynamic analysis tools to ensure secure code across repositories and services.
  • Policy as Code: Define and enforce organizational security policies using frameworks like OPA (Open Policy Agent), Sentinel, or custom rulesets.
  • Automated Security: Build automated pipelines for vulnerability scanning, compliance checks, and secret detection.
  • Continuous Monitoring & Logging: Deploy monitoring solutions for real-time threat detection (e.g., GuardDuty, CloudTrail, SIEM tools).
  • Architecture Diagrams: Create and maintain high-quality architecture and security diagrams for all commercial software platforms and systems.
  • Guardrails & Governance: Develop developer-facing security guardrails, including pre-approved patterns and automated feedback mechanisms.
  • Architecture Security Assessments (ASA): Lead ASA reviews for all significant changes, ensuring secure-by-design implementation.
  • Threat Modeling: Drive proactive threat modeling exercises across products and platforms.

Operational Security Focus

  • Web Application Firewalls (WAF): Design and maintain WAF rules and architecture (e.g., AWS WAF, Cloudflare).
  • API Gateway Security: Secure APIs at the gateway level with authentication, rate limiting, and input validation (e.g., AWS API Gateway, Kong, Apigee).
  • Inline Source Code Scanning: Integrate IDE plugins or Git hooks to scan code in real time and reduce feedback cycles.

Required Qualifications:

  • 6+ years of hands-on experience in DevSecOps, Application Security, or Cloud Security engineering roles.
  • Deep understanding of secure software development, DevOps principles, and cloud-native architectures.
  • Proven experience with CI/CD tools and security automation.
  • Strong scripting and development skills in languages such as Python, Go, or Bash.
  • Experience designing and operating secure cloud environments (AWS, Azure, GCP).
  • Proficiency with IaC and configuration management tools (Terraform, Ansible, CloudFormation).
  • Strong knowledge of container security and orchestration tools (e.g., Kubernetes, Docker, Helm).
  • Demonstrated experience with enterprise security tooling for scanning, monitoring, and policy enforcement.
  • Skilled in creating detailed technical diagrams, security artifacts, and documentation.
  • Strong written and verbal communication skills to influence engineering and leadership teams.

Preferred Qualifications:

  • Industry certifications: CISSP, CSSLP, OSCP, GCP/AWS/Azure Security Specialist, or equivalent.
  • Experience with policy-as-code frameworks (OPA/Rego, HashiCorp Sentinel).
  • Hands-on experience with secrets management solutions (e.g., Vault, AWS Secrets Manager).
  • Familiarity with regulatory and compliance standards (SOC 2, ISO 27001, HIPAA, PCI-DSS).
  • Previous experience conducting red team/blue/purple team exercises or penetration testing or equivalent.

Job Tags

Contract work, Remote job, Shift work,

Similar Jobs

AO Globe Life - Alisha May

Virtual Sales for Military and Athletes Job at AO Globe Life - Alisha May

 ...highly motivated individuals with a background in the military or athletics to join our team. As an agent specializing in serving the...  ...be willing to obtain appropriate licensing and certifications (training provided Benefits:-Competitive commission-based compensation... 

Necnic Group, LLC

Endocrinology Opportunity Job at Necnic Group, LLC

(Physician/MD qualifications required) Endocrinology - Seeking an Endocrinologist to join a practice in southeast Alabama just miles from the state lines of Florida and Georgia. PRACTICE HIGHLIGHTS: No call coverage except office Mix of inpatient and outpatient... 

Forrest Solutions

Office Services Associate $26.50-$27 Job at Forrest Solutions

 ...attic stock furniture and schedule cleanings. Reception Services (Backup) Greet visitors, answer and route calls, and issue temp/vendor badges. Validate parking, make transportation arrangements, and update internal phone lists. Communicate emergencies and... 

Farmland Fresh Dairies LLC

Truck Dispatcher Job at Farmland Fresh Dairies LLC

 ...selected accounts. This position will also coordinate and oversee all dispatch operations for delivery. Being bilingual with fluency in...  ...with mechanics on vehicle condition reports and needed truck repairs to ensure safety protocols Communicating with management... 

Labcorp

Clinical Laboratory Technician - Microbiology Job at Labcorp

 ...Professional? Are you looking to looking to embark on a new challenge in your career, or start your career in Clinical Lab Science? If so, LabCorp wants to speak with you about exciting opportunities to join our team **St. Vincent's Hospital East in Birmingham, AL.** In this...