Damco Solutions
Sr DevOps Engineer (Cloud Security)
Damco Solutions, Frisco, Texas, United States, 75034
Sr DevOps Engineer (Cloud Security)
Frisco, TX (Onsite / REMOTE)
Contract
Job Description:Skill
Description
Level (Advance, Intermediate, beginner)
Hands-on Development in Programming Languages
Worked on python for automating the infrastructure deployments.
Cloud Security
Worked on AWS security hub, IAM, PrivateLink
IAM (Identity and Access Management)
Worked on creating IAM roles, policies, permission boundaries
RBAC (Role-Based Access Control)
implemented RBAC systems to define and enforce role-based permissions for users, ensuring secure and granular access control across applications and services.
Security Monitoring Solutions
Designed and deployed comprehensive security monitoring solutions using tools such as Splunk, AWS CloudTrail, AWS GuardDuty, and Azure Security Center to detect and respond to potential threats in real time
GitOps
Worked on Github actions and Gitlab
DevOps Models
Worked on various devops tools , implemented CI-CD for infrastructure and application deployment.
Platform Development
Integrated diverse microservices, APIs, and databases to create a unified platform supporting modular development and deployment.
Composition Development
Implemented microservices architecture to compose and orchestrate complex applications, enabling independent service development, deployment, and scaling.
OPA (Open Policy Agent)
Created automated security baselines and configurations using Open Policy Agent and AWS Config Rules to maintain adherence to internal and external regulatory requirements
utomation
Designed and enforced cloud security best practices, including identity and access management IAM, VPC, Security Groups, NACLs and data encryption, across public cloud environments.
Public Cloud Infrastructure Security
utomated the detection and remediation of security vulnerabilities, misconfigurations, and compliance issues across cloud environments using security tools like AWS Config.Profile 1:Good understanding of IAM concepts; Knowledge of security concepts (with zero-trust design principles as plus);Hands-on experience designing and implementing for information security on public cloud;Strong knowledge of security across layers (OS, network, application, data, container, CI/CD, etc.);Experience with Wiz (or similar CNAPP solutions) would be a plus; Experience with designing and implementing SIEM/SOAR solution would be plus;Hands-on experience with CSP security tools (like AWS Security Hub, Azure Security Center or GCP Security Command Center) would be plus;Proficiency in Python or Golang for security, automation or observability engineering;Hands-on experience with automation and development; Ability to work independently and collaboratively;
Profile 2:Deep understanding of cloud computing, including virtualization, containerization, and microservices;Understanding of all basic CSP (AWS, Azure or GCP) services;Understanding of security concepts - Kubernetes security, IAM security, container security, network security, auditing, data protection, and CI/CD security;Experience designing and authoring policy as code (OPA/ Cedar) or CSP Service Control Policies;Proficiency in Python or Golang for security, automation or observability engineering;Experience in devops and agile for solution delivery through CI/CD;Hands-on experience with automation and API development; Ability to work independently and collaboratively
Cloud AWS , Azure and GCP ( Strong knowledge in any of these platforms). Strong experience in security services (for eg: IAM, Security hub, Security Center) in any of the cloud platform.Python or Golang skills in API development.Strong knowledge of security across layers (OS, network, application, data, container, CI/CD, etc.)
Frisco, TX (Onsite / REMOTE)
Contract
Job Description:Skill
Description
Level (Advance, Intermediate, beginner)
Hands-on Development in Programming Languages
Worked on python for automating the infrastructure deployments.
Cloud Security
Worked on AWS security hub, IAM, PrivateLink
IAM (Identity and Access Management)
Worked on creating IAM roles, policies, permission boundaries
RBAC (Role-Based Access Control)
implemented RBAC systems to define and enforce role-based permissions for users, ensuring secure and granular access control across applications and services.
Security Monitoring Solutions
Designed and deployed comprehensive security monitoring solutions using tools such as Splunk, AWS CloudTrail, AWS GuardDuty, and Azure Security Center to detect and respond to potential threats in real time
GitOps
Worked on Github actions and Gitlab
DevOps Models
Worked on various devops tools , implemented CI-CD for infrastructure and application deployment.
Platform Development
Integrated diverse microservices, APIs, and databases to create a unified platform supporting modular development and deployment.
Composition Development
Implemented microservices architecture to compose and orchestrate complex applications, enabling independent service development, deployment, and scaling.
OPA (Open Policy Agent)
Created automated security baselines and configurations using Open Policy Agent and AWS Config Rules to maintain adherence to internal and external regulatory requirements
utomation
Designed and enforced cloud security best practices, including identity and access management IAM, VPC, Security Groups, NACLs and data encryption, across public cloud environments.
Public Cloud Infrastructure Security
utomated the detection and remediation of security vulnerabilities, misconfigurations, and compliance issues across cloud environments using security tools like AWS Config.Profile 1:Good understanding of IAM concepts; Knowledge of security concepts (with zero-trust design principles as plus);Hands-on experience designing and implementing for information security on public cloud;Strong knowledge of security across layers (OS, network, application, data, container, CI/CD, etc.);Experience with Wiz (or similar CNAPP solutions) would be a plus; Experience with designing and implementing SIEM/SOAR solution would be plus;Hands-on experience with CSP security tools (like AWS Security Hub, Azure Security Center or GCP Security Command Center) would be plus;Proficiency in Python or Golang for security, automation or observability engineering;Hands-on experience with automation and development; Ability to work independently and collaboratively;
Profile 2:Deep understanding of cloud computing, including virtualization, containerization, and microservices;Understanding of all basic CSP (AWS, Azure or GCP) services;Understanding of security concepts - Kubernetes security, IAM security, container security, network security, auditing, data protection, and CI/CD security;Experience designing and authoring policy as code (OPA/ Cedar) or CSP Service Control Policies;Proficiency in Python or Golang for security, automation or observability engineering;Experience in devops and agile for solution delivery through CI/CD;Hands-on experience with automation and API development; Ability to work independently and collaboratively
Cloud AWS , Azure and GCP ( Strong knowledge in any of these platforms). Strong experience in security services (for eg: IAM, Security hub, Security Center) in any of the cloud platform.Python or Golang skills in API development.Strong knowledge of security across layers (OS, network, application, data, container, CI/CD, etc.)