Position: Senior DevSecOps Engineer – GIS ApplicationsJob Type: 12+ Months ContractLocation: Remote (Must work PST hours: 9 AM – 5 PM)Rate: Competitive / hr. W2 or C2C Role Synopsis: This position requires the ability to bridge platform-specific needs with enterprise cybersecurity policies. For example, when infrastructure teams request exceptions to standard cloud access models, this engineer will validate those needs and identify secure alternatives that align with best practices. This role is ideal for experienced professionals who excel at driving security across cloud-native, GIS-centric platforms and who can work hands-on with both technical and business teams to ensure resilient, compliant, and scalable solutions. We are seeking a highly seasoned DevSecOps Engineer (15+ years) to join our Cybersecurity Application Platform Security Team in support of a major business transformation initiative involving Geographic Information Systems (GIS). The ideal candidate will bring deep technical expertise in cloud security (especially AWS), DevSecOps practices, and GIS applications such as ArcGIS. This is a hands-on and strategic role focused on embedding security into design, deployment, and operational phases—ensuring “secure by design” and “secure by default” principles throughout the software development lifecycle. Must-Have Requirements: 15+ years of IT experience, including 5+ years in security engineering, and 3+ years specifically in DevSecOps or cloud security roles. Strong hands-on experience with AWS security best practices, including IAM, encryption, secure networking, and cloud-native security tools. Experience working with GIS applications, particularly ArcGIS, in secure cloud environments. Deep understanding of CI/CD pipelines, with practical implementation of policy-as-code and compliance-as-code. Familiarity with code scanning, static analysis, and secure code review practices. Experience enforcing network security controls such as VPCs, NACLs, security groups, and zero-trust configurations. Knowledge of data protection, including securing data at rest and in transit. Key Responsibilities: Collaborate with GIS and infrastructure teams to embed security into design and deployment of GIS applications in the cloud. Implement DevSecOps frameworks and automated security testing within CI/CD pipelines. Validate IAM roles, identity federation, and access control to meet enterprise and compliance standards. Perform security reviews of custom and COTS GIS solutions, including ArcGIS. Assess and secure cloud infrastructure (e.g., SSH alternatives, encryption strategies) against enterprise policies. Guide stakeholders in secure architectural decisions and risk mitigation strategies. Monitor and report on DevSecOps-specific KPIs, KRIs, and overall security posture. Collaborate with internal security operations (SIOC) for threat modeling, vulnerability scanning, and incident response readiness. Preferred Qualifications (Optional): Certifications: AWS Certified Security – Specialty, CISSP, CEH, or other DevSecOps credentials. Experience with multi-cloud or hybrid cloud security architecture. Familiarity with infrastructure-as-code tools like Terraform or CloudFormation. Experience with container security (Docker, Kubernetes) and microservices environments. Understanding of regulatory compliance in GIS-heavy industries (e.g., utilities, public sector). Soft Skills: Strong communication and collaboration skills with the ability to influence technical and non-technical teams. A proactive, security-first mindset with the ability to balance business goals and risk management. Comfortable working in fast-paced environments and adapting to evolving security challenges. Job Type: Contract Pay: Up to $80.00 per hour Schedule: 8 hour shift People with a criminal record are encouraged to apply Work Location: Remote