DevSecOps Engineer

Job Summary

Seeking a remote DevSecOps Engineer (Vulnerability Management) for a long-term contract opportunity, the role focuses on analyzing and triaging vulnerability findings, partnering with engineering teams for remediation, and managing container and Kubernetes security within AWS GovCloud.

Key responsibilities

• Analyze and triage vulnerability findings, prioritizing remediation based on risk and operational impact
• Partner with engineering teams to remediate vulnerabilities through patching and secure coding practices
• Manage container and Kubernetes (EKS) security, ensuring compliance with standards like FedRAMP and NIST 800-53

Required qualifications

• Hands-on experience in AWS GovCloud with a strong understanding of cloud security and compliance requirements
• Expertise in Kubernetes security (EKS), including RBAC and container security best practices
• Experience remediating vulnerabilities in JavaScript-based applications, specifically React and NodeJS
• Familiarity with vulnerability management tools such as Tenable, Qualys, or Aqua
• Ability to communicate security findings and translate them into actionable remediation tasks