Position: DevSecOps Engineer

Reports To: Manager, DevOps

Department: Information Services

Supervisory Role: No

 

Compensation Range: $82,000 – $98,400

Location: Remote, U.S.
FLSA Status: Full-Time, Exempt

 

POSITION OVERVIEW

The DevSecOps Engineer is responsible for building, securing, and maintaining cloud infrastructure with a focus on Microsoft Azure. This role develops and supports Infrastructure as Code (IaC), automates system deployment and patching processes, and implements security controls to ensure environment stability, consistency, and compliance. The engineer designs and maintains core cloud services, manages identity and access configurations, and ensures the secure handling of secrets and credentials across systems.

 

This position collaborates with infrastructure, data, and security teams to support operational requirements and platform modernization initiatives. The ideal candidate has hands-on experience with Azure resource management, RBAC, patching automation, and monitoring, and is able to evaluate and integrate emerging technologies, including AI-assisted solutions, to improve efficiency, reliability, and overall system performance.

 

ESSENTIAL DUTIES & RESPONSIBILITIES

50% | Cloud Infrastructure Engineering & Automation

  • Convert existing Azure resources into modular, reusable Bicep templates.
  • Develop and maintain IaC for core infrastructure components (e.g., VMs, VNets, NSGs, Firewalls, RBAC).
  • Build and maintain CI/CD workflows for infrastructure deployments using GitHub or Azure DevOps.
  • Validate changes using safe deployment practices (e.g., “what-if” preview modes).
  • Maintain current OS and platform versions and implement automated patch management for Azure VMs and remote devices.
  • Build and maintain standardized “golden images” for consistent VM provisioning.
  • Harden identity and infrastructure environments, including Active Directory and Azure RBAC configurations.
  • Evaluate and adopt AI-driven tools and workflows to improve automation, monitoring, and provisioning.

 

30% | Security, Compliance & Monitoring

  • Implement Azure Key Vault for secure management of credentials, certificates, and application secrets.
  • Enforce and audit least-privilege access across systems, databases, and services.
  • Configure Conditional Access policies in Azure Entra ID to strengthen authentication controls.
  • Develop monitoring dashboards to track patch compliance, system health, and security posture.
  • Integrate SIEM capabilities and assist in responding to automated alerts and security threats.
  • Support responses to customer and stakeholder security questionnaires and contribute to documentation and process development to meet SOC 2 requirements.

 

20% | Collaboration, Documentation & Operational Support

  • Document infrastructure standards, IaC modules, patching procedures, and access models.
  • Share knowledge and collaborate with IT, Data Engineering, Analytics, and Security teams to support joint workflows.
  • Contribute to CI/CD workflows supporting data pipelines and database artifacts.
  • Participate in cross-training within the DevOps team and provide coverage as needed.

 

KNOWLEDGE, SKILLS, & EXPERIENCE

Education & Experience

  • Bachelor’s degree in Computer Science, Information Systems, or a related field or relevant professional experience may be considered.
  • Minimum of 4 years’ experience in Azure infrastructure engineering, DevOps, or cloud security.
  • Minimum of 3 years’ experience using IaC tools such as Bicep, ARM templates, or Terraform.
  • Minimum of 3 years’ experience building and maintaining CI/CD pipelines in GitHub or Azure DevOps.

 

Technical Skills

  • Strong knowledge of Azure networking (including VNets, NSGs, Firewalls) and RBAC implementation.
  • Experience with Windows Server administration, automated patching workflows, and compliance tracking.
  • Experience with Azure Key Vault or comparable secrets management tools.
  • Proficiency in PowerShell and/or Azure CLI scripting for automation.
  • Familiarity with EDR or SIEM tooling (e.g., SentinelOne, Adlumin, Microsoft Sentinel).
  • Ability to evaluate and integrate emerging or AI-assisted technologies to enhance automation and monitoring workflows.

 

Preferred Experience

  • Experience with Azure SQL performance optimization and/or elastic pool management.
  • Familiarity with Azure Data Factory, Databricks, or orchestration of data pipelines.
  • Experience applying or managing Azure Policy or similar governance frameworks.
  • Experience working in environments handling regulated or sensitive data (e.g., healthcare, nonprofit, SOC 2, HIPAA).

 

SUPERVISORY RESPONSIBILITIES

This position reports to the Manager, DevOps and does not have any direct reports.