
Senior DevSecOps Engineer C2C jobs Urgent Required

Title: Senior DevSecOps Engineer

Location: Mechanicsburg, PA (Hybrid with two days onsite a week)

Duration: 8+ Months with possible extension

 

Role summary

Hands-on security automation for AWS delivery. Build secure-by-default CDK constructs and CloudFormation templates, wire them into CI/CD, and enforce compliance checks that map to CJIS and NIST. Azure support is a future consideration, not a core day-one duty.

 

Scope boundaries

    Does not own enterprise AWS Organizations or SCP operations.

    Designs and builds reference guardrails and enforcement patterns that can be deployed by enterprise teams.

    Focuses on preventive controls and compliance automation, not incident response.

 

What you will deliver

First 90 days

    Pipeline security templates in GitHub Actions and Azure DevOps with SAST, SCA, IaC, container, and secret scanning gates.

    Compliance as code in reference accounts: AWS Config rules and Security Hub standards aligned to CJIS and NIST 800-53, with exceptions workflow documented.

    IaC reference modules using AWS CDK and CloudFormation for IAM least privilege, KMS, Secrets Manager, logging, and network baselines; Terraform equivalents provided where teams require them.

    Evidence exports tying checks to control IDs and producing auditor-ready artifacts.

 

Ongoing

    Harden CDK/CFT modules and pipeline templates as compliance needs evolve.

    Coach pilot teams to adopt templates.

    Raise gaps to enterprise teams for org-level enforcement.

 

Day-to-day responsibilities

    Author and maintain AWS CDK constructs and CloudFormation templates; provide Terraform versions as secondary.

    Implement AWS Config conformance, Security Hub standards, and GuardDuty routing in reference accounts.

    Wire scanning in CI/CD for app code, containers, and IaC.

    Create reusable GitHub/Azure DevOps templates with enforcement gates and exception handling.

    Generate posture and evidence reports mapped to CJIS and NIST controls.

 

Required skills

    5+ years AWS security automation and DevOps.

    Strong with AWS CDK and CloudFormation; working proficiency in Terraform.

    CI/CD authoring in GitHub Actions and Azure DevOps.

    Proficient in Python and Bash, with PowerShell for Windows automation.

    Able to read Java and C# to integrate and tune SAST/SCA.

    Practical knowledge of CJIS and NIST 800-53 control families and how to automate checks and evidence.

 

Nice to have

    EKS/ECS/Lambda hardening patterns.

    OPA/Conftest, Checkov, Trivy, Inspector, CodeQL or equivalent.

    Basic Azure security automation for future phases.

 

Decision rights

Independent on design and build within standards; proposes guardrails and reference patterns; escalates enterprise-wide changes.

 

 

Thanks & Regards,
Jimmy@4-pros-solutions.com

Jimmy

 



About Author

I’m Monica Kerry, a passionate SEO and Digital Marketing Specialist with over 9 years of experience helping businesses grow their online presence. From SEO strategy, keyword research, content optimization, and link building to social media marketing and PPC campaigns, I specialize in driving organic traffic, boosting rankings, and increasing conversions. My mission is to empower brands with result-oriented digital marketing solutions that deliver measurable success.
