Maverc Technologies
DevSecOps Engineer
⭐ - Featured Role | Apply direct with Data Freelance Hub
This role is for a DevSecOps Engineer with 5+ years of experience, focusing on ecommerce platforms. Contract length is unspecified, with a remote work location. Key skills include CI/CD tools, cloud security, and scripting. Experience with PCI DSS compliance is required.
🌎 - Country
United States
💱 - Currency
Unknown
-
💰 - Day rate
Unknown
-
🗓️ - Date
January 6, 2026
🕒 - Duration
Unknown
-
🏝️ - Location
Remote
-
📄 - Contract
Unknown
-
🔒 - Security
Unknown
-
📍 - Location detailed
Miami, FL
-
🧠 - Skills detailed
#Logging #Docker #Python #Bash #DevOps #Infrastructure as Code (IaC) #Scala #PCI (Payment Card Industry) #Cloud #AWS (Amazon Web Services) #Security #WAF (Web Application Firewall) #Prometheus #Kubernetes #Scripting #Azure DevOps #Terraform #Jenkins #GCP (Google Cloud Platform) #Datadog #GitHub #Compliance #Grafana #Automation #Azure #Monitoring #Automated Testing #GitLab #DevSecOps
Role description
Overview
We are seeking an experienced DevSecOps Engineer with a strong background in ecommerce environments to help design, implement, and maintain secure, scalable, and highly available CI/CD pipelines and cloud infrastructure. This role will work closely with development, security, and operations teams to embed security throughout the software development lifecycle while supporting high-traffic, revenue-generating platforms.
The ideal candidate understands the unique challenges of ecommerce systems, including payment security, high availability, rapid release cycles, and regulatory compliance.
Key Responsibilities
Design, implement, and maintain secure CI/CD pipelines for ecommerce applications.
Embed security controls and automated testing (SAST, DAST, SCA, IaC scanning) into the SDLC.
Support cloud-based ecommerce platforms with a focus on scalability, availability, and performance.
Implement and manage infrastructure as code (IaC) using tools such as Terraform, CloudFormation, or ARM.
Collaborate with development teams to securely deploy and maintain ecommerce applications and APIs.
Ensure secure handling of payment systems, customer data, and integrations with third-party vendors.
Monitor, detect, and respond to security events within production and non-production environments.
Implement and maintain secrets management, certificate management, and key rotation.
Support compliance efforts related to PCI DSS, SOC 2, ISO 27001, or similar frameworks.
Perform threat modeling and risk assessments for new ecommerce features and integrations.
Improve system reliability through automation, monitoring, and incident response practices.
Participate in on-call rotations and support production releases as needed.
Requirements
5+ years of experience in DevOps or DevSecOps roles.
Hands-on experience supporting ecommerce platforms, including Swell, Shopify, Magento, BigCommerce, or custom ecommerce solutions.
Integrate and manage Cloudflare services (WAF, CDN, DDoS protection, Zero Trust access, bot management) to protect and optimize ecommerce applications
Strong experience with CI/CD tools (GitHub Actions, GitLab CI, Jenkins, Azure DevOps, etc.).
Experience securing cloud environments (AWS, Azure, and/or GCP).
Solid understanding of web application security and OWASP Top 10.
Experience with containerization and orchestration (Docker, Kubernetes).
Familiarity with SAST, DAST, and dependency scanning tools (e.g., Snyk, Checkmarx, Veracode).
Strong scripting skills (Bash, Python, or similar).
Experience with monitoring and logging tools (Prometheus, Grafana, ELK/Elastic, Datadog).
Understanding of PCI DSS requirements and secure payment processing workflows.
Overview
We are seeking an experienced DevSecOps Engineer with a strong background in ecommerce environments to help design, implement, and maintain secure, scalable, and highly available CI/CD pipelines and cloud infrastructure. This role will work closely with development, security, and operations teams to embed security throughout the software development lifecycle while supporting high-traffic, revenue-generating platforms.
The ideal candidate understands the unique challenges of ecommerce systems, including payment security, high availability, rapid release cycles, and regulatory compliance.
Key Responsibilities
Design, implement, and maintain secure CI/CD pipelines for ecommerce applications.
Embed security controls and automated testing (SAST, DAST, SCA, IaC scanning) into the SDLC.
Support cloud-based ecommerce platforms with a focus on scalability, availability, and performance.
Implement and manage infrastructure as code (IaC) using tools such as Terraform, CloudFormation, or ARM.
Collaborate with development teams to securely deploy and maintain ecommerce applications and APIs.
Ensure secure handling of payment systems, customer data, and integrations with third-party vendors.
Monitor, detect, and respond to security events within production and non-production environments.
Implement and maintain secrets management, certificate management, and key rotation.
Support compliance efforts related to PCI DSS, SOC 2, ISO 27001, or similar frameworks.
Perform threat modeling and risk assessments for new ecommerce features and integrations.
Improve system reliability through automation, monitoring, and incident response practices.
Participate in on-call rotations and support production releases as needed.
Requirements
5+ years of experience in DevOps or DevSecOps roles.
Hands-on experience supporting ecommerce platforms, including Swell, Shopify, Magento, BigCommerce, or custom ecommerce solutions.
Integrate and manage Cloudflare services (WAF, CDN, DDoS protection, Zero Trust access, bot management) to protect and optimize ecommerce applications
Strong experience with CI/CD tools (GitHub Actions, GitLab CI, Jenkins, Azure DevOps, etc.).
Experience securing cloud environments (AWS, Azure, and/or GCP).
Solid understanding of web application security and OWASP Top 10.
Experience with containerization and orchestration (Docker, Kubernetes).
Familiarity with SAST, DAST, and dependency scanning tools (e.g., Snyk, Checkmarx, Veracode).
Strong scripting skills (Bash, Python, or similar).
Experience with monitoring and logging tools (Prometheus, Grafana, ELK/Elastic, Datadog).
Understanding of PCI DSS requirements and secure payment processing workflows.
