Role Overview
As an AWS DevSecOps Engineer, you will play a key role in designing and maintaining secure, scalable cloud infrastructures. You will embed security practices throughout the development lifecycle, ensuring compliance and resilience in cloud-native applications and pipelines.
Key Responsibilities
Architect, implement, and manage secure AWS cloud environments.
Integrate security controls into CI/CD pipelines, ensuring continuous compliance.
Automate infrastructure deployment with Infrastructure as Code (IaC) tools (e.g., Terraform, CloudFormation).
Collaborate with development teams to embed DevSecOps principles across projects.
Monitor, detect, and remediate security vulnerabilities in cloud environments.
Ensure compliance alignment with HIPAA, SOC 2, ISO 27001, and PCI frameworks.
Required Qualifications
AWS Certified Solutions Architect (Associate or Professional)
What is a vCISO?
A Virtual Chief Information Security Officer (vCISO) is an outsourced executive-level resource who provides strategic leadership for information security programs on a part-time, flexible basis. Unlike a traditional full-time CISO, a vCISO engagement is fractional, meaning clients get access to senior-level expertise tailored to their needs—whether that’s a few hours per week or on an as-needed project basis. This model offers organizations the benefit of executive-level guidance without the cost and commitment of hiring a dedicated full-time CISO.
Role Overview
As a vCISO, you will provide strategic and technical leadership across cybersecurity initiatives. You will develop and maintain policies, ensure governance and compliance, and align AWS cloud environments with best practices for security and risk management. This role involves guiding clients in improving their security posture while managing ongoing regulatory and business requirements.
Key Responsibilities
Act as a trusted advisor and security leader for multiple clients on a fractional basis.
Design, implement, and oversee cybersecurity programs tailored to client needs.
Develop, update, and enforce security policies, standards, and procedures.
Guide organizations in compliance readiness for HIPAA, SOC 2, ISO 27001, and PCI-DSS.
Oversee secure architecture and security controls in AWS cloud environments.
Embed security practices into CI/CD pipelines and DevOps processes.
Conduct risk assessments, gap analyses, and incident response planning.
Communicate security priorities and strategies to client leadership and technical teams.
Provide ongoing reporting, documentation, and roadmap planning for security programs.
Required Qualifications
Experience serving in CISO, Deputy CISO, or senior-level security leadership roles.
Deep knowledge of AWS security services (IAM, GuardDuty, Security Hub, CloudTrail, WAF, KMS).
Strong background in regulatory compliance frameworks (HIPAA, SOC 2, ISO 27001, PCI-DSS).
Expertise in policy and documentation development for security governance.
Familiarity with DevSecOps practices and cloud-native security.
Excellent communication and client-facing skills, with ability to simplify complex security concepts for executive audiences.
Preferred Skills
AWS Certified Solutions Architect or Security Specialty certification.
Hands-on experience with monitoring, SIEM, and incident response solutions.
Experience working with small and medium-sized organizations, particularly in healthcare and professional services.
Track record of building scalable security programs from the ground up.
What We Offer
Flexible, fractional engagement—hours tailored to client and project needs.
Opportunity to work across diverse industries and client environments.