C2C Hiring – Azure DevSecOps Engineer – Cary, NC / HYBRID

Role:                              Azure DevSecOps Engineer
Location:                     Cary, NC / HYBRID
Duration:                     Long Term Project
Experience:                10+

Job Role and Responsibilities:
DevSecOps Engineer to join our team and take ownership of implementing and maintaining secure DevOps pipelines and infrastructure across multicloud platforms including Azure The ideal candidate will possess a deep understanding of modern DevOps principles infrastructure as code IaC cloudnative security tools and be proficient in integrating security into every stage of the software development lifecycle SDLC You will be responsible for establishing and enforcing DevSecOps best practices automating security scans in CICD pipelines and collaborating with development operations and security teams to improve overall application and infrastructure security posture This role is handson and strategic focusing on the endtoend security of cloud infrastructure CICD pipelines applications containers and thirdparty dependencies

Key Roles and Responsibilities:
DevSecOps Pipeline Automation Design and implement CICD pipelines with integrated security checks across Azure DevOps GitHub Actions GitLab and Jenkins Automate security gates for SAST DAST SCA secrets scanning and container security using tools like Veracode Snyk OWASP ZAP Aqua Trivy and Checkov Define policies and integrate them as code to enable scalable secure deployments MultiCloud Security Architecture Secure cloud infrastructure in Azure using native services Implement network security data encryption identity access management IAM and secure VPC configurations Infrastructure as Code IaC Security Use Terraform Bicep Pulumi or CloudFormation to build and manage secure infrastructure Apply CIS benchmarks NIST standards and integrate tools like OPA Open Policy Agent and Conftest to enforce IaC security Conduct IaC scanning for misconfigurations using tools like Checkov tfsec

Collaboration and Mentoring Collaborate with development teams to define secure coding standards and perform secure code reviews Mentor junior DevOps and security engineers on secure development and deployment practices Evangelize a Security as Code culture across the organization Required Skills Toolsets Cloud Platforms Microsoft Azure Key Vault Defender for Cloud Azure DevOps Sentinel