Compliance Engineer
United States of America
Full Time
2 hours ago
No H1B
Key skills
PythonGoBashAWSTerraformKubernetesDockerArgoCDGitGitLabGitOpsRepositoryCI/CD
About this role
DecisionPoint Corporation is looking for a Compliance Engineer to join their Cloud Operations team, which is responsible for maintaining AWS cloud environments and supporting a DevSecOps platform. The role involves designing, implementing, and maintaining CI/CD pipeline security policies and collaborating with the infrastructure team to manage environments using Infrastructure as Code principles.
Responsibilities:
- Design, build, and maintain scalable and secure CI/CD pipelines in GitLab; from code commit to production deployment
- Implement and manage GitOps workflows for continuous delivery to RKE2 clusters using ArgoCD, ensuring the cluster state always reflects the Git repository
- Develop and maintain automation scripts and tools to streamline the software development lifecycle, reduce manual intervention, and improve developer productivity
- Integrate security best practices and automated testing (SAST, DAST, dependency scanning) into the CI/CD pipelines to ensure code quality and security compliance
- Collaborate with the infrastructure team to manage and provision environments using IaC principles and tools like Terraform
- Act as a subject matter expert on CI/CD, providing guidance and support to development teams on best practices for building, testing, and deploying their applications
- Perform updates to an AWS development environment that includes GitLab and various AWS services
- Develops Gitlab projects that enable software delivery, security scanning, secrets management, policy-as-code, and compliance automation
- Maintain and update application secrets
- Maintain SSL certificates for application software
Requirements:
- Active Secret clearance
- A minimum of 4 years' experience in creating GitLab security policy
- Expert-level knowledge of Git, including branching strategies and workflows
- Proven experience implementing and managing GitOps with ArgoCD
- Understanding of containerization (Docker) and Kubernetes orchestration
- Proficiency in scripting languages such as Bash, Python, or Go
- Experience with Infrastructure as Code (IaC), particularly Terraform
- DOD 8140 certification: IAT Level II or better (e.g., Security+ CE)