Contract: DevSecOps Engineer

Upwork ($UPWK) is the world’s work marketplace. We serve everyone from one-person startups to over 30% of the Fortune 100 with a powerful, trust-driven platform that enables companies and talent to work together in new ways that unlock their potential.  

Last year, more than $3.3 billion of work was done through Upwork by skilled professionals who are gaining more control by finding work they are passionate about and innovating their careers. 

This is an engagement through Upwork’s Hybrid Workforce Solutions (HWS) Team. Our Hybrid Workforce Solutions Team is a global group of professionals that support Upwork’s business. Our HWS team members are located all over the world.

Work/Project Scope:

Are you a seasoned professional who thrives in high-pressure environments and possesses exemplary written and verbal communication skills? We seek a dynamic individual with a proven track record of explaining complex technical concepts to non-technical stakeholders. As a DevSecOps Engineer, you will be a proactive self-starter, adept at navigating rapidly evolving work environments.

• Develop risk-based mitigation strategies for infrastructure, platforms, operating systems, and applications.

• Assist with application security vulnerability identification and remediation efforts.

• Design and implement automation in Enterprise Cloud Services, such as testing/certification, delivery, and management/run.

• Hands-on experience creating automation using APIs from AWS, Azure, or Google Cloud

• Strong experience with cloud virtualization technologies: Docker, AWS, and Packer

• Experience with automated test frameworks/tools such as Test Kitchen, InSpec, Jenkins, SonarQube, etc.

Must Haves (Required Skills):

• In-depth understanding of Secure Software Development Life Cycle (SSDLC).

• Advanced organizational, planning, and time management skills.

• Exceptional communication, presentation, and analytical abilities.

• Substantial expertise using AWS technologies such as IAM (Users, Roles, and Policies), SSM, KMS, AWS Config, GuardDuty, Lambda, CloudFormation, CloudTrail, and Cloudwatch.

• Comprehensive experience securely deploying AWS ECS, EKS, and EC2 applications using Argo or Tekton.

• Proficient in Linux system administration with a strong emphasis on Ubuntu, showcasing expertise in server deployment, configuration, and maintenance with in-depth knowledge of access control, package management, and troubleshooting.

• Significant expertise in creating scripts with Python, Ruby, or Perl from scratch.

• Extensive experience creating Terraform modules, Cloudformation stacks, Chef cookbooks, or Ansible playbooks from scratch.

• Hands-on expertise in automation using AWS or Google Cloud APIs.

• Strong understanding of CI/CD pipelines using Jira, TekTon, or Cloudformation.

• Experience in Source Version Control Systems such as Bitbucket, GitHub, or Artifactory.

• Deep understanding of cloud security best practices.

• Knowledge and Usage of NIST 800-53, AWS CIS 1.4, ISO 27017, or CSA CCM frameworks.

• Over five years of hands-on experience in IAAS and PAAS on a global scale.

Upwork is proudly committed to fostering a diverse and inclusive workforce. We never discriminate based on race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical condition), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.