AWS DevSecOps Architect (Hybrid)

Orion Innovation is a premier, award-winning, global business and technology services firm. Orion delivers game-changing business transformation and product development rooted in digital strategy, experience design, and engineering, with a unique combination of agility, scale, and maturity. We work with a wide range of clients across many industries including financial services, professional services, telecommunications and media, consumer products, automotive, industrial automation, professional sports and entertainment, life sciences, ecommerce, and education.

Responsibilities

• Leads and participates in governance functions to promote security objectives (Cloud, DevOps, DevSecOps)
• Design and implement various customization for CI/CD platforms (AWS, DevOps / GitHub Enterprise) w.r.t build agent pools management
• Collaborate with enterprise architects and various IT service owners (security, platform services, network services, etc.) to align DevSecOps roadmap to other ongoing initiatives
• Provides and delivers actionable security guidance to project teams
• Vision, Architect solution proposal and Support business development
• Collaborating with engineering and client team to evaluate and identify optimal DevOps security solutions
• Reviewing system design in accordance with cloud & security best practices, making recommendations on required security guardrails and cost optimizations
• Identifying, analyzing, and resolving infrastructure vulnerabilities and application deployment issues
• Interacting with clients, providing DevSecOps support, and making recommendations based on client needs
• Detect, Collect, Assess, and evaluate business and IT risks
• Developing IT security standards, procedures, and controls for data collection, data management, and risk management.
• Supporting, assisting with the analysis of requirements and design of clients' information security posture, Regulatory and Scheme security requirements.
• Supporting the delivery of work streams for enterprises in compliance standards which is required to be supported and incident management disciplines.
• Performing and investigating internal and external information security risk and exceptions assessments.
• Assessing incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.
• Provides remediation guidance and prepares management reports to track remediation activities.
• Staying current on best practices and technological advancements and acts as a technical resource for security assessment and regulatory compliance.
• Performing other related duties as assigned from time to time based on the business requirements.
• 12+ years of total industry experience and more than 5+ years of DevSecOps experience
• Cloud Security implementation tools experience
• Understanding on DevSecOps security, landing zone, cloud infrastructure and cloud native services
• Good domain expertise of cloud infrastructure compute, network, and storage as well as the cloud control plane
• Good Knowledge of virtualization, containers, service-mesh, and enterprise service business
• Good Experience with structured Enterprise Architecture practices, cloud deployments, and on
• Good Knowledge and understanding of key differences between most popular cloud provider solutions and cloud orchestration tools
• Troubleshooting and analytical skills
• Good communication and collaboration skills

Orion is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, citizenship status, disability status, genetic information, protected veteran status, or any other characteristic protected by law.

Candidate Privacy Policy

Orion Systems Integrators, LLC and its subsidiaries and its affiliates (collectively, “Orion,” “we” or “us”) are committed to protecting your privacy. ThisCandidate Privacy Policy (orioninc.com) (“Notice”) explains:

• What information we collect during our application and recruitment process and why we collect it;
• How we handle that information; and
• How to access and update that information.

Your use of Orion services is governed by any applicable terms in this notice and our generalPrivacy Policy .