DevSecOps Engineer

Akkodis is seeking a DevSecOps Engineer for a Contract job with a client in Sandy Springs, GA. Ideally looking for applicants with a solid experience with AWS CDK ,Terraform ,Trivy ,Bash and Python.

Rate Range: $70/hour to $80/hour; The rate may be negotiable based on experience, education, geographic location, and other factors.

Key Responsibilities

• As our DevSecOps Engineer, you will: Design, build, secure, and maintain AWS cloud infrastructure using AWS CDK.
• Own and improve infrastructure as code standards, reusable CDK constructs, deployment patterns, and environment consistency.
• Support future infrastructure as code initiatives using Terraform, if adopted.
• Manage AWS environments across core services such as IAM, VPC, EKS, ECS, Lambda, API Gateway, CloudFront, WAF, Route 53, S3, RDS, KMS, Secrets Manager, CloudWatch, Security Hub, GuardDuty, and AWS Config.
• Manage and harden Kubernetes environments, including EKS clusters, container runtimes, workload identities, ingress controls, network policies, and image security.
• Own cloud networking architecture, including VPCs, subnets, routing, security groups, private endpoints, WAF, and zero trust access controls.
• Implement and enforce least-privilege IAM policies across AWS accounts, services, applications, and CI/CD workflows.
• Build, maintain, and secure CI/CD pipelines using GitHub Actions.
• Integrate security controls into CI/CD workflows, including Trivy, SAST, DAST, dependency scanning, container image scanning, infrastructure scanning, and secrets detection.
• Use Datadog for logging, monitoring, alerting, dashboards, threat detection, and incident investigation.
• Write and maintain automation scripts in Bash and Python to support AWS operations, CI/CD workflows, vulnerability management, security monitoring, and recurring operational tasks.
• Support shift-left security by making secure development and deployment practices easy for developers to adopt.
• Manage vulnerability management, patching cadence, and remediation tracking across infrastructure, containers, and application environments.
• Conduct internal security assessments and coordinate external penetration tests and security reviews.
• Respond to security incidents, lead post-mortems, document lessons learned, and drive remediation.
• Support and maintain compliance programs, including SOC 2 Type II, PCI-DSS, and relevant financial technology requirements.
• Own evidence collection, control mapping, auditor communication, and compliance documentation.
• Maintain encryption-at-rest, encryption-in-transit, data residency, and key management standards.
• Partner with legal, product, and engineering teams to assess third-party vendor security risk.
• Produce practical runbooks, threat models, architecture diagrams, and security documentation that engineering teams can actually use.
• Run periodic security awareness and secure engineering training sessions.

Desired Qualifications:

• ·5+ years of combined DevOps, cloud infrastructure, security engineering, DevSecOps, or platform engineering experience.
• Deep hands-on AWS experience, including production experience managing AWS infrastructure at scale.
• Strong hands-on experience with AWS CDK is required.
• Working experience with Terraform is strongly preferred, as Momnt may use Terraform for future infrastructure projects.
• Strong understanding of AWS DevOps practices, including CI/CD, IAM, networking, observability, deployment automation, and infrastructure lifecycle management.
• Strong experience with GitHub Actions and secure CI/CD pipeline design.
• Hands-on experience with Trivy for vulnerability scanning, container image scanning, dependency scanning, or infrastructure scanning.
• Practical experience with SAST and DAST tools and how to integrate them into developer workflows.
• Familiarity with Datadog for observability, alerting, logging, dashboards, and security investigations.
• Strong hands-on scripting experience with Bash and Python for automation, infrastructure operations, security tooling, and CI/CD workflows.
• Experience securing containerized workloads using Docker and Kubernetes, preferably EKS.
• Experience implementing security gates in CI/CD pipelines without creating unnecessary friction for developers.
• Practical knowledge of compliance frameworks such as SOC 2, PCI-DSS, or equivalent.
• Experience with vulnerability management, patch management, security monitoring, and incident response.
• Ability to independently own security tooling selection, implementation, and day-to-day operations.
• Comfort operating independently in an ambiguous, fast-moving startup environment.
• Strong communication skills and the ability to work directly with developers, auditors, and leadership.

Equal Opportunity Employer/Veterans/Disabled

Benefit offerings available for our associates include medical, dental, vision, life insurance, short-term disability, additional voluntary benefits, an EAP program, commuter benefits, and a 401K plan. Our benefit offerings provide employees the flexibility to choose the type of coverage that meets their individual needs. In addition, our associates may be eligible for paid leave including Paid Sick Leave or any other paid leave required by Federal, State, or local law, as well as Holiday pay where applicable. Disclaimer: These benefit offerings do not apply to client-recruited jobs and jobs that are direct hires to a client.

To read our Candidate Privacy Information Statement, which explains how we will use your information, please visit https://www.akkodis.com/en/privacy-policy.

The Company will consider qualified applicants with arrest and conviction records in accordance with federal, state, and local laws and/or security clearance requirements, including, as applicable:

· The California Fair Chance Act

· Los Angeles City Fair Chance Ordinance

· Los Angeles County Fair Chance Ordinance for Employers

· San Francisco Fair Chance Ordinance