Principal DevSecOps Engineer.

Location: Remote (USA).
Salary: $182,000 - $214,000.
Employer: GHX.

Responsibilities:
• Act as the technical lead for the DevSecOps CoE, driving strategy and execution of security, automation, and observability practices.
• Design and maintain reusable CI/CD frameworks, IaC modules, and security guardrails for consistent adoption across all product lines.
• Define, document, and enforce DevSecOps standards, policies, and best practices.
• Mentor embedded DevSecOps engineers and provide guidance on pipeline design, automation, cost optimization and compliance.
• Architect and optimize CI/CD pipelines (GitHub Actions, GitLab CI, ArgoCD, Jenkins, Artifactory, Veracode) to enable frequent, secure deployments.
• Integrate SAST, SCA, DAST, and container scanning into delivery workflows.
• Establish GitOps practices using Terraform, Pulumi, or Crossplane for infrastructure provisioning.
• Track and drive improvements in DORA metrics (deployment frequency, lead time, MTTR, change failure rate).
• Implement “shift-left” security by embedding security testing and compliance automation into pipelines.
• Partner with Security and SRE teams to enforce SLIs, SLOs, and error budgets in delivery pipelines.
• Advance unified observability initiatives by integrating New Relic, Datadog, Prometheus, Grafana, OpenTelemetry, and CloudWatch into pipelines.
• Ensure compliance with HIPAA, SOC2, GDPR, and internal governance frameworks.
• Build cost-awareness into CI/CD and IaC workflows by embedding FinOps checks and cost gates.
• Collaborate with FinOps and Cloud teams to enforce cost tagging, rightsizing, and efficiency standards.
• Provide insights and automation for cloud cost optimization across AWS services (EKS, ECS, EC2, S3, RDS, containers).
• Partner with Engineering, Product, SRE, and Security leaders to align on standards and frameworks.
• Drive knowledge sharing and enablement through playbooks, templates, documentation, and internal CoP (Community of Practice) sessions.
• Act as the escalation point for complex DevSecOps technical challenges across teams.

Requirements:
• 15+ years in DevOps, Cloud, or Security Engineering, with expert-level technical leadership in DevSecOps.
• Strong expertise in CI/CD pipeline design, automation, and governance.
• Hands-on with CI/CD tools: GitHub Actions, GitLab CI, ArgoCD, Artifactory, Jenkins, Veracode, SonarQube.
• Deep experience with cloud security and AWS services (IAM, KMS, GuardDuty, Security Hub, CloudTrail).
• Proficiency in containers & orchestration (Docker, Kubernetes, EKS, ECS).
• Strong hands-on with Infrastructure-as-Code and GitOps (Terraform, Pulumi, Crossplane, CloudFormation).
• Familiarity with observability platforms (New Relic, Datadog, Prometheus, Grafana, OpenTelemetry, CloudWatch).
• Programming/scripting expertise in Python, Go, C#, and shell scripting.
• Knowledge of DORA metrics and proven success in improving delivery performance.
• Practical experience with FinOps practices and cost governance.

⚡ %contact_placeholder%

#Удаленка #DevSecOps