DevSecOps Engineer na LOGISTICS PLUS INC

Description

Location: Erie, PA (Hybrid/Remote)
Department: IT – Software Engineering & Cloud Operations
Reports To: Director of Development and Integrations
Company: Logistics Plus, Inc.
About the Company
Logistics Plus Inc is a leading provider of transportation, warehousing, fulfillment, global
logistics, and supply chain solutions. With a strong commitment to innovation and
excellence, we are modernizing our cloud platforms and delivery practices to ensure
secure, scalable, and efficient operations.
Position Summary
We are seeking a DevSecOps Engineer to drive automation and embed security into our
cloud delivery pipelines. This role will work closely with developers, QA, and
infrastructure administrators to ensure that application and infrastructure deployments
are fast, reliable, and compliant. The ideal candidate will have deep experience with
Azure DevOps, infrastructure-as-code, and cloud security practices.
Key Responsibilities
Pipeline & Automation
• Design, implement, and maintain CI/CD pipelines using Azure DevOps with
integrated security checks.
• Automate infrastructure provisioning and configuration with Terraform and Bicep
templates.
• Develop automated testing and validation steps for IaC deployments and application
builds.
• Optimize pipelines for speed, reliability and cost (parallel jobs, caching, self-hosted
agents, re-usable templates).
• Implement and manage blue/green deployments to App Service slots and rolling
upgrades on AKS.
Containerization & Registry
• Package applications as Docker images and manage them in Azure Container
Registry (ACR).
• Configure autoscaling, rolling updates and health checks on AKS clusters.
Security & Compliance
• Integrate security scanning into pipelines (IaC scanning, container scanning, secret
detection).
• Manage secrets and credentials securely with Azure Key Vault and RBAC.
• Apply policy-as-code and enforce compliance frameworks (SOC 2, ISO 27001, GDPR).
• Collaborate with security teams to monitor threats, investigate incidents, and
remediate vulnerabilities.
• Implement security scanning for container images.
Observability & Reliability
• Implement monitoring, logging, and alerting across cloud workloads (Azure Monitor,
Application Insights, Defender for Cloud, Sentinel).
• Contribute to disaster recovery planning, ensuring secure and reliable failover
strategies.
• Support release management and rollback strategies for mission-critical
applications.
Collaboration & Support
• Partner with Infrastructure Administrators to ensure deployed resources meet both
operational and security requirements.
• Provide guidance to development teams on secure coding and deployment
practices.
• Act as a bridge between security, infrastructure, and development to streamline delivery

Qualifications

• 5+ years in DevOps, Site Reliability, or DevSecOps engineering roles.
• Strong background with CI/CD pipelines (Azure DevOps, GitHub Actions, or
equivalent).
• Proficiency in scripting/automation (PowerShell, Bash, Python).
• Experience with Azure services: Front Door, Service Bus, Functions, Logic Apps, App
Services, VMs, and Azure SQL.
• Experience with building, deploying, and managing Kubernetes clusters (AKS or
equivalent).
• Familiarity with cloud security tools and practices (Microsoft Defender for Cloud,
vulnerability scanners, IAM/RBAC).
• Solid understanding of networking, load balancing, and firewalls in cloud
environments.
• Excellent communication and cross-team collaboration skills.
• Relevant certifications (e.g., Microsoft Certified: DevOps Engineer Expert, Azure
Security Engineer Associate) preferred.
Preferred Skills
• Experience in logistics or transportation management platforms (TMS, WMS).
• Familiarity with Agile/Scrum practices.
• Knowledge of compliance frameworks and audit requirements.
• Exposure to multi-cloud deployments (AWS/GCP) and cross-cloud security practices.