AWS DevSecOps Engineer

At INVID, we're seeking a highly skilled and motivated AWS DevOps Engineer to drive the automation, scalability, and reliability of our cloud infrastructure. This role is pivotal in bridging development and operations, ensuring seamless CI/CD pipelines, secure deployments, and robust cloud architecture within the AWS ecosystem.

The ideal candidate is passionate about infrastructure as code, cloud-native technologies, and continuous improvement. You’ll work closely with development, QA, and security teams to implement best practices in DevOps and cloud security, while optimizing performance, cost, and resilience.

What sets INVID apart is our collaborative and flexible work environment. We encourage our team to raise the bar in everything they do while maintaining a healthy work-life balance. With our hybrid work model, team members thrive both in the office and remotely. We foster a culture of mutual respect, autonomy, and accountability, where your voice matters and your growth is supported. From structured career paths and paid professional development to access to industry events, we’re committed to your success.

Responsibilities: 

· Analyze the existing security posture of on-premises systems and applications.

· Define and implement security guidelines for AWS resource provisioning and migration.

· Configure secure AWS environments, including IAM roles, Security Groups, and VPC setups.

· Implement data encryption (at rest and in transit) using AWS Key Management Service (KMS) and SSL/TLS.

· Conduct security audits and penetration testing on migrated workloads.

· Implement AWS security tools like Inspector, Macie, and GuardDuty to ensure continuous monitoring.

· Design and implement secure CI/CD pipelines using AWS CodePipeline, CodeBuild, and CodeDeploy.

· Integrate security tools like AWS CodeGuru, SonarQube, or Aqua Security for automated code and vulnerability scanning.

· Build and manage secure infrastructure using IaC tools like Terraform, AWS CloudFormation, or CDK.

· Ensure IaC templates comply with security standards and policies.

· Enable continuous monitoring using AWS CloudWatch, CloudTrail, and Security Hub.

· Set up alerts and automated incident responses using AWS Config and Lambda.

· Implement compliance frameworks such as PCI DSS, HIPAA, or ISO 27001 using AWS Audit Manager.

· Regularly review security and compliance metrics and take corrective actions.

· Work closely with cloud engineers, application teams, and architects to embed security into every stage of the migration.

· Actively participate in Scrum ceremonies to support team objectives and sprint planning.

· Document security practices, playbooks, and incident response procedures.

· Educate team members on security tools, standards, and processes to ensure a security-first mindset.

· Knowledge in Wiz security tool.

Requirements:

· Minimum of 3+ year experience in a security engineering role, with experience in network security, application security, and security frameworks.

· Bachelor's degree in related area and / or equivalent experience / training.

· Expertise in AWS security tools such as IAM, Security Hub, GuardDuty, KMS, and AWS WAF.

· Strong understanding of VPC security, including Security Groups, NACLs, and VPN configurations.

· Experience integrating security tools into CI/CD pipelines for GitHub actions/workflow.

· Familiarity with container security for Docker and Kubernetes using Amazon EKS.

· Proficiency in using IaC tools like Terraform, AWS CloudFormation, or AWS CDK.

· Expertise in automating configuration management using tools like Ansible or Chef.

· Experience configuring AWS monitoring tools such as CloudWatch, CloudTrail, and Config Rules.

· Knowledge of compliance frameworks like NIST, CIS Benchmarks, and AWS Well-Architected Framework.

· Proficiency in scripting languages such as Python, Bash, or PowerShell for automation.

· Strong problem-solving and analytical skills.

· Excellent communication and teamwork abilities.

· Excellent computer proficiency including JIRA

Nice to have skills:

· Experience with advanced AWS services like Macie, Inspector, and AWS Detective.

· Knowledge of serverless security using AWS Lambda and API Gateway.

· Proficiency in securing Kubernetes workloads using Amazon EKS and tools like Aqua Security or Twistlock.

· Familiarity with threat modeling frameworks and tools like OWASP ZAP or Burp Suite.

· Expertise in identifying and mitigating vulnerabilities in cloud-based workloads.

· AWS Certified Security – Specialty or AWS Certified Solutions Architect – Associate.

· Relevant DevSecOps certifications such as Certified DevSecOps Professional.

· Ability to mentor and guide junior engineers in security best practices.

· Adaptability in dynamic project environments and ability to handle evolving security challenges.

Bilingual: English and Spanish

US Citizen | US Resident

Location: HYBRID in San Juan, PR 

EEO