Senior DevSecOps Engineer – Security Hardening

NexGen Media

Contract · Flexible hours

About the role

NexGen Media is launching a secure micro‑services platform and needs a senior DevSecOps Engineer to embed security throughout the CI/CD pipeline. You will work closely with developers and security analysts to automate compliance, harden container images, and ensure continuous monitoring.

Key responsibilities

• Design and implement automated security checks in Jenkins/GitHub Actions pipelines.
• Integrate vulnerability scanning tools (e.g., Trivy, Snyk) for Docker images.
• Configure IaC security policies for AWS resources using Terraform and CloudFormation.
• Develop runtime security controls and incident response playbooks.
• Collaborate with developers to remediate findings and improve secure coding practices.
• Maintain audit logs and generate compliance reports.

Must-have skills

• Extensive experience with CI/CD tools and container orchestration.
• Deep knowledge of AWS security services and IAM.
• Proficiency in scripting (Python/Bash) for automation.
• Hands‑on experience with vulnerability scanning and secret management.
• Strong understanding of DevSecOps principles and secure software development lifecycle.

Nice to have

• Experience with serverless security patterns.
• Familiarity with compliance frameworks such as SOC 2 or ISO 27001.