DevSecOps Engineer

Role Description: As a DevSecOps Engineer, you will play a critical role in engineering secure, resilient, and scalable CI/CD platforms that enable Amgen's global digital initiatives. This position requires deep DevSecOps technical expertise, strong platform engineering capabilities, and the ability to collaborate and influence across diverse technology teams.

While hands-on DevSecOps experience is essential, candidates should also bring foundational programming skills to build automation and integrate security seamlessly into pipelines. This role blends technical execution with cross-team enablement and platform ownership, making it ideal for engineers with both a delivery and systems-thinking mindset

Roles & Responsibilities:

Engineering & Automation

• Design, code, and maintain secure CI/CD pipelines using GitLab CI in hybrid and multi-cloud environments.

• Write high-quality, reusable, and testable code in languages such as Python, Go, JavaScript, or Bash to automate CI/CD workflows, infrastructure provisioning, and security enforcement.

• Develop custom DevSecOps utilities, GitLab runners, and dynamic pipeline templates.

• Maintain and scale Infrastructure as Code (IaC) using Terraform, CloudFormation, and Ansible.

Security & DevOps Integration

• Integrate security automation tools (SAST, DAST, SCA, secrets scanning, IaC scanning) into the development and deployment pipelines.

• Build tooling for container and API security, including vulnerability scanning and policy enforcement.

• Partner with product security and cloud teams to implement RBAC, IAM, encryption, and compliance-by-design controls.

Observability & Reliability

• Develop and maintain monitoring and observability solutions using Dynatrace, Prometheus, Grafana, ELK, or similar tools.

• Drive implementation of SLOs, SLIs, and automated alerting within CI/CD workflows.

• Contribute to incident response and root cause analysis with a focus on long-term resilience through automation.

AI-Driven Enablement

• Support adoption of AI/ML-based DevSecOps tools for anomaly detection, policy enforcement, and risk forecasting.

• Work with platform leads to integrate intelligent insights into day-to-day operations.

Leadership & Collaboration

• Mentor junior engineers and DevOps practitioners, fostering a culture of secure coding and software craftsmanship.

• Lead technical design discussions, evaluate open-source and commercial tools, and influence technology decisions.

• Work closely with product owners, engineering teams, cybersecurity, and platform teams to define and align secure delivery models.

• Coordinate with external vendors and internal stakeholders to ensure alignment on DevSecOps objectives.

• Participate in Agile and SAFe delivery processes—including sprint planning, stand-ups, retrospectives, and PI planning—to ensure security and platform reliability are embedded across development cycles.

Basic Qualifications and Experience:

• Demonstrated 2+ year of practical experience building, maintaining, and securing CI/CD pipelines (preferably using GitLab CI or similar tools).

• Proven ability to develop automation scripts and tooling using languages like Python, Bash, Go, or JavaScript.

• Experience deploying and operating Infrastructure as Code (IaC) with Terraform or CloudFormation in cloud or hybrid environments.

• Direct involvement in integrating security tools (SAST, DAST, SCA, secrets scanning) into automated build and release workflows.

• Exposure to Kubernetes-based environments and monitoring toolchains such as Dynatrace, Grafana, or ELK is a plus.

• Ability to work independently on technical challenges while collaborating across security, development, and operations teams.

• 5 to 9 years of Computer Science, IT or related field experience

Must-Have Skills:

• Proficiency in GitLab CI/CD for secure pipeline development and automation.

• Strong experience with security tools like SAST, DAST, SCA, and secrets scanning.

• Knowledge of IaC practices using Terraform or CloudFormation.

• Solid scripting/programming skills in Python, Bash, Go, or JavaScript.

• Exposure to AI/ML solutions in DevSecOps (e.g., anomaly detection, automated remediation, predictive monitoring).

Good-to-Have Skills:

• Kubernetes workload security (EKS/AKS), including RBAC and network policies.

• Experience with policy-as-code (OPA, Kyverno) and IaC security scanning (Checkov, tfsec).

• Familiarity with hybrid/multi-cloud environments (AWS, Azure).

• Awareness of FinOps and cost-aware pipeline operations.

Professional Certifications (Preferred)

• Certified DevSecOps Professional (CDP)

• GitLab CI/CD Specialist

• Certified Kubernetes Security Specialist (CKS)

Soft Skills:

• Attention to detail and security best practices.

• Effective collaborator across engineering, security, and operations teams.

• Self-driven with strong analytical and troubleshooting abilities.

• Passion for automation and continuous improvement.

Shift Information: This position is an onsite role and may require working during later hours to align with business hours. Candidates must be willing and able to work outside of standard hours as required to meet business needs.