Senior DevSecOps Engineer Needed for Security Automation

NexGen Media

Contract · Flexible hours

About the role

NexGen Media seeks a Senior DevSecOps Engineer to embed security into a fast‑moving CI/CD pipeline for a high‑traffic web application. You will partner with development and operations teams to automate security controls, ensure compliance, and reduce risk throughout the software lifecycle.

Key responsibilities

• Design and implement secure CI/CD workflows using Jenkins, GitHub Actions, or similar tools.
• Integrate automated security testing (SAST, DAST, container scanning) into pipelines.
• Develop Infrastructure‑as‑Code templates on AWS with security best practices.
• Configure and manage container security with Docker and Kubernetes.
• Monitor and remediate vulnerabilities in real time.
• Document security standards and provide knowledge transfer to team members.

Must-have skills

• Extensive experience with CI/CD platforms and automation.
• Strong background in cloud security, particularly AWS.
• Proficiency in containerization (Docker) and orchestration security.
• Hands‑on knowledge of SAST, DAST, and container image scanning tools.
• Solid understanding of DevSecOps principles and secure coding practices.

Nice to have

• Experience with Terraform or CloudFormation for secure IaC.
• Familiarity with compliance frameworks such as ISO 27001 or SOC 2.