Acknowledge vulnerability notifications within 24 hours / next business day, triaging into the appropriate SLA response tier (High: 30 days, Medium: 180 days, Low: 360 days)
Remediate identified system vulnerabilities on a weekly release cadence, including modification, testing, and installation of fixes across all instances; document via release notes, installation guides, and user guides
Perform security assessments and vulnerability scans using AWS Inspector, AWS Security Hub, Twistlock, or similar tools
Maintain trusted base images and automate dependency updates (e.g., Renovate Bot); execute container scans in CI/CD pipelines
Audit and inventory non-Terraformed legacy resources, systematically remediating configuration drift into managed code
Configure and maintain network boundaries: VPC subnets, security groups, Network ACLs, firewalls, VPN configurations, and route paths
Maintain development environment readiness: Terraform updates, git repo builds, key/credential validation, and log analysis for AppDev teams
Coordinate cross-team remediation schedules and story prioritization with AppDev workstreams; participate in on-call rotations supporting Tier 2/3 incident response
Requirements
Bachelor's degree and 5+ years of relevant experience, or equivalent additional experience in lieu of a degree
Must meet federal suitability requirements and pass a background investigation as a condition of employment
Hands-on experience with AWS services including EC2, ECS, RDS, S3, Lambda, and CloudWatch
Proficiency with Terraform for infrastructure-as-code provisioning and drift prevention
Demonstrated experience building and optimizing CI/CD pipelines in GitLab and/or Jenkins
Strong working knowledge of containerization using Docker and container orchestration on AWS ECS/EKS/Fargate
Familiarity with DevSecOps practices including SAST, dependency scanning, and automated vulnerability remediation
Solid understanding of networking, virtualization, and cloud infrastructure fundamentals
Experience with vulnerability management workflows and security scanning tools (AWS Inspector, Security Hub, or similar)
Configuration-drift detection and remediation experience
Tech Stack
AWS
Cloud
Docker
EC2
Firewalls
Jenkins
Terraform
Benefits
Company-subsidized health, dental, and vision insurance