DevSecOps / Cloud Security Engineer
Project Overview:The purpose of this is to procure qualified resource to design, implement, and enhance the State of Missouri's enterprise cloud security capabilities across multi-cloud environments. This includes advancing security architecture, automation, governance, and compliance to protect State data and systems. This engagement will support the development of scalable, policy-driven security solutions, including Infrastructure as Code (IaC), DevSecOps integration, identity and access management, and centralized monitoring. Additionally, this effort will strengthen enterprise security governance, including the establishment and enforcement of controls related to artificial intelligence (AI), automated decision-making systems, and emerging technologies.Core ResponsibilitiesInfrastructure as Code (IaC)Build Terraform modules and reusable IaC templatesImplement policy-driven infrastructure deployment standardsMaintain secure and compliant cloud deployment automationSecurity Automation Develop security automation scripts and workflowsBuild event-driven incident response automationSupport orchestration and remediation workflowsDevSecOps & CI/CD Security Integrate security tools into CI/CD pipelinesImplement vulnerability scanning and compliance validationSupport automated DevSecOps processesMonitoring & Alerting Implement logging, monitoring, and alerting solutionsSupport unified observability capabilitiesConfigure cloud-native monitoring toolsDocumentation & Operational Support Create technical implementation documentationSupport operational runbooksParticipate in knowledge transfer sessionsProvide weekly/monthly status reportingTop Skills: IAMTerraformAutomationMonitoringDevSecOpsMulti-cloud securityExperience Requirements 3+ years hands-on cloud security experienceExperience with AWS, Azure, or GCP5+ years' experience with: Terraform or equivalent IaC toolsNetwork securityLogging, monitoring, and alertingIAM implementationStrongly Evaluated SkillsSkillsCandidate Experience (Years)NotesHands-on Cloud Security Experience (Required 3+ Years)AWS / Azure / GCP SecurityTerraform / CloudFormation / Infrastructure as Code (IaC) (Required 5+ Years)CI/CD Security IntegrationSecurity Automation Scripts & WorkflowsIAM Configuration & Access Controls (Required 5+ Years)Monitoring, Logging & Alerting Solutions (Required 5+ Years)Security Scanning & Compliance ValidationSecure Cloud Networking / Network Security (Required 5+ Years)Configuration Baselines & Policy-as-CodeAutomated Incident Response & RemediationPython / Bash / PowerShell ScriptingSecurity Tool Integration into CI/CD PipelinesCSPM PlatformsAI/ML Security & Governance ExposureTechnical Documentation & Knowledge TransferGovernment / State Cloud ExperienceAWS / Azure / GCP Certifications