Senior Cloud DevSecOps Engineer

About

YellowIpe

Our mission is to inspire the connection between technology and people.

We nurture the best in our professionals through our expertise in finding and attracting top talent for the best projects.

People Focus, Collaboration, and Commitment are the pillars that guide us on this journey.

Join the yellow team as our new Senior Cloud DevSecOps Engineer!

Project:

A security-related project (linked to the Anycloud initiative) or to expand our capacity within the devops as service project.

Responsibilities:

Someone who can act as the upper intermediate/senior DevSecOps engineer in the analysis and refinement of existing IAM policies to enforce 'Least Privilege on each target cloud (AWS, Azure, GCP);

Someone able to partner closely with security, software engineering and other DevOps teams to strengthen the overall security posture regarding IAM policies.

Someone able to work with development teams (the service owners) to execute comprehensive QA validation to confirm that IAM policies function as expected (both functionally and performance-wise).

Someone able to stay current with security trends, vulnerabilities, compliance regulations, and emerging tools to push for other work and security improvements.

Requirements:

3+ years of proven experience with cloud platforms (Azure, AWS, or GCP), with deep knowledge of identity, access management, and container security (Kubernetes), cloud networking, IAM policies, etc.

Proficient in English spoken and written;

Strong understanding of secure SDLC practices, DevSecOps, IaC (Terraform or equivalent) and integrating security into CI/CD pipelines.

Hands-on skills in scripting/automation (Python, PowerShell, or similar) for security tasks.

Excellent communication skills to explain technical security risks and solutions to development, DevOps, and product teams.

Strong problem-solving mindset and a collaborative approach to resolving security concerns.

Nice to Have:

Hands-on experience with Cloud Security Posture Management (CSPM) tools such as Prisma Cloud, Wiz.

Knowledge of Application Security and SCA/SAST/DAST solutions, particularly Snyk

Solid experience with container technologies like Docker and expertise in managing and optimizing Kubernetes clusters.

Apply for this opportunity in our website! =)