Senior Cloud DevSecOps Engineer

About Flynaut LLC

Flynaut is a global leader in digital transformation, partnering with startups, SMEs, and large enterprises across various industries since 2004. Our team of passionate professionals transforms visionary ideas into groundbreaking realities by delivering cutting-edge mobile apps, robust web platforms, and comprehensive IT solutions. With expertise in healthcare, finance, education, retail, and more, we craft tailored solutions that exceed expectations. We prioritize innovation and quality, building lasting relationships based on trust and transparency, and have successfully delivered hundreds of projects that drive tangible business outcomes.

We are seeking a highly skilled and forward-thinking Senior Cloud DevSecOps Engineer to join our clients dynamic team. This role demands deep technical expertise across cloud platforms, security-first DevOps practices, and modern infrastructure tooling. You will work closely with development, security, and operations teams to ensure the seamless, secure, and scalable delivery of software systems. The ideal candidate thrives in fast-paced environments, embraces automation, and is passionate about continuous improvement and innovation.

Responsibilities

• Collaborate with cross-functional teams to ensure secure, reliable, and high-performing software delivery.
• Design, implement, and maintain end-to-end CI/CD pipelines using tools like Jenkins, GitHub Actions, GitLab CI, Azure DevOps, and ArgoCD.
• Architect and manage multi-cloud infrastructure (AWS, Azure, GCP) using Infrastructure as Code (IaC) tools such as Terraform, Pulumi, and AWS CloudFormation.
• Implement container orchestration with Kubernetes (EKS, AKS, GKE), including Helm charts, Operators, and service meshes (Istio, Linkerd).
• Develop and enforce DevSecOps policies including vulnerability scanning, secrets management, and compliance automation using tools like Snyk, Aqua Security, HashiCorp Vault, and Open Policy Agent (OPA).
• Integrate security controls into CI/CD workflows (e.g., code signing, SBOM generation, DAST/SAST scanning).
• Build and maintain monitoring and observability stacks using Prometheus, Grafana, ELK/EFK, Datadog, New Relic, and OpenTelemetry.
• Automate infrastructure provisioning, configuration management, and patching using Ansible, Chef, Puppet, and SaltStack.
• Manage API gateways, service discovery, and traffic routing using tools like Kong, NGINX, Envoy, and AWS API Gateway.
• Implement disaster recovery, backup strategies, and high availability architectures.
• Optimize cloud resources for security, performance, scalability, and cost-efficiency.
• Contribute to internal tooling and open-source projects that enhance DevSecOps capabilities.
• Stay current with emerging technologies in cloud-native security, platform engineering, and software supply chain integrity.

Experience & Skills

• Proven experience designing and supporting scalable, highly available, and secure systems in production environments.
• Deep understanding of DevSecOps principles, including shift-left security, zero trust architecture, and secure SDLC.
• Expertise in CI/CD tooling and automation across multiple platforms (mobile, web, microservices, APIs).
• Advanced knowledge of Kubernetes internals, container runtimes (Docker, containerd), and Linux namespaces/cgroups.
• Proficiency in scripting (Bash, PowerShell) and programming languages such as Python, Go, Java, Kotlin, C++, or JavaScript.
• Strong grasp of networking protocols (TCP/IP, HTTP/HTTPS, DNS, TLS, IPSec) and cloud networking (VPCs, subnets, firewalls).
• Hands-on experience with cloud-native security tools (e.g., AWS GuardDuty, Azure Security Center, GCP Security Command Center).
• Familiarity with GitOps workflows and tools like FluxCD and ArgoCD.
• Experience with artifact repositories and package managers (JFrog Artifactory, Nexus, npm, Maven).
• Knowledge of software supply chain security including SBOMs, provenance, and attestation frameworks (in-toto, Sigstore).
• Strong analytical and troubleshooting skills with a proactive approach to incident response and root cause analysis.

Education

• Bachelor’s or Master’s Degree in Computer Science, Information Technology, Engineering, Cybersecurity, or a related technical field.
• Equivalent practical experience in DevSecOps, cloud engineering, or platform operations will also be considered.