DevOps Engineer Job at GTN Technical Staffing, Houston, TX

M1NVaUVkU0lYUjJmdERUWFdhREpJMnNVd1E9PQ==
  • GTN Technical Staffing
  • Houston, TX

Job Description

Long Term contract with chance to convert

REMOTE OPENING

Position Overview:

We are looking for a Senior DevSecOps Engineer to lead the integration of security across our entire software development lifecycle. As a senior member of the team, you will drive strategy, set standards, and implement robust, scalable security practices that ensure our development, infrastructure, and operations remain secure and compliant.

You will work closely with engineering, architecture, cloud, and security teams to implement secure-by-default solutions, build developer guardrails, and lead architecture security assessments (ASA) for mission-critical systems. This role demands deep technical expertise, strategic thinking, strong communication skills, and the ability to influence secure design and delivery at scale.

Key Responsibilities:

Strategic & Leadership Responsibilities

  • Define and champion the DevSecOps strategy and roadmap to align security with development velocity.
  • Mentor and guide engineers across Dev, Sec, and Ops on secure design, automation, and risk-based decision-making.
  • Lead threat modeling and architectural risk assessments for new products and major changes.
  • Establish metrics and KPIs for DevSecOps success and drive continuous improvement.

Core Technical Responsibilities

  • Shift Left Security: Embed security controls and tools into early-stage development workflows (IDE, code review, pre-commit hooks).
  • CI/CD Security Automation: Integrate security scanning (SAST, DAST, SCA) directly into CI/CD pipelines using tools like GitHub Actions, GitLab CI, or Jenkins.
  • Infrastructure as Code (IaC): Harden cloud infrastructure via IaC (Terraform, CloudFormation), with automated policy enforcement.
  • Security Testing: Implement and manage static and dynamic analysis tools to ensure secure code across repositories and services.
  • Policy as Code: Define and enforce organizational security policies using frameworks like OPA (Open Policy Agent), Sentinel, or custom rulesets.
  • Automated Security: Build automated pipelines for vulnerability scanning, compliance checks, and secret detection.
  • Continuous Monitoring & Logging: Deploy monitoring solutions for real-time threat detection (e.g., GuardDuty, CloudTrail, SIEM tools).
  • Architecture Diagrams: Create and maintain high-quality architecture and security diagrams for all commercial software platforms and systems.
  • Guardrails & Governance: Develop developer-facing security guardrails, including pre-approved patterns and automated feedback mechanisms.
  • Architecture Security Assessments (ASA): Lead ASA reviews for all significant changes, ensuring secure-by-design implementation.
  • Threat Modeling: Drive proactive threat modeling exercises across products and platforms.

Operational Security Focus

  • Web Application Firewalls (WAF): Design and maintain WAF rules and architecture (e.g., AWS WAF, Cloudflare).
  • API Gateway Security: Secure APIs at the gateway level with authentication, rate limiting, and input validation (e.g., AWS API Gateway, Kong, Apigee).
  • Inline Source Code Scanning: Integrate IDE plugins or Git hooks to scan code in real time and reduce feedback cycles.

Required Qualifications:

  • 6+ years of hands-on experience in DevSecOps, Application Security, or Cloud Security engineering roles.
  • Deep understanding of secure software development, DevOps principles, and cloud-native architectures.
  • Proven experience with CI/CD tools and security automation.
  • Strong scripting and development skills in languages such as Python, Go, or Bash.
  • Experience designing and operating secure cloud environments (AWS, Azure, GCP).
  • Proficiency with IaC and configuration management tools (Terraform, Ansible, CloudFormation).
  • Strong knowledge of container security and orchestration tools (e.g., Kubernetes, Docker, Helm).
  • Demonstrated experience with enterprise security tooling for scanning, monitoring, and policy enforcement.
  • Skilled in creating detailed technical diagrams, security artifacts, and documentation.
  • Strong written and verbal communication skills to influence engineering and leadership teams.

Preferred Qualifications:

  • Industry certifications: CISSP, CSSLP, OSCP, GCP/AWS/Azure Security Specialist, or equivalent.
  • Experience with policy-as-code frameworks (OPA/Rego, HashiCorp Sentinel).
  • Hands-on experience with secrets management solutions (e.g., Vault, AWS Secrets Manager).
  • Familiarity with regulatory and compliance standards (SOC 2, ISO 27001, HIPAA, PCI-DSS).
  • Previous experience conducting red team/blue/purple team exercises or penetration testing or equivalent.

Job Tags

Contract work, Remote job, Shift work,

Similar Jobs

Truist

Governance & Controls - Risk Advisor I - FINRA Job at Truist

 ...training.Six + years of banking or relevant experience.Audit experience.Strong knowledge in field of assigned business unit(s).FINRA Series 7, 24, 53, and 66 licenses (Series 9&10 can be used in lieu of 53, Series 63 & 65 can be used in lieu of Series 66).General... 

Solomon Page

Travel Nurse RN - Manager - $2,585 per week Job at Solomon Page

 ...additional healthcare opportunities, visit: solomonpage.com and connect with Solomon Page on Instagram, Facebook, Twitter, LinkedIn, and TikTok. 336468 Solomon Page Job ID #336468. Pay package is based on 8 hour shifts and 40 hours per week (subject to confirmation) with... 

The Zimmerman Agency

Senior Multimedia Designer Job at The Zimmerman Agency

 ...has the skills to make it happen. Theyre just as comfortable concepting and building out storyboards as they are creating a pitch video or directing a production on set. What Were Looking For: Content Visionary : Ability to conceptualize and produce a wide range... 

Red Oak Technologies

Director of Global Logistics & Trade Compliance Job at Red Oak Technologies

 ...with clients in immediate need of highly skilled contract, permanent or project management based resources. Director of Global Logistics & Trade Compliance San Francisco, CA The candidate will primarily serve as a resident expert responsible for developing,... 

Anders Group

Travel Clinical Laboratory Scientist / Medical Laboratory Technician - $2,186 per week Job at Anders Group

 ...Anders Group is seeking a travel Medical Technologist for a travel job in Sitka, Alaska. Job Description & Requirements ~ Specialty...  ...stipend amount to be determined. Posted job title: AK-Medical Laboratory Scientist - Rate $90 About Anders Group WHY ANDERS?...