Job Summary: BYKON Consulting is seeking a DevSecOps Jr. to enhance the digital experience through the development of innovative solutions, with a focus on security in DevOps and cloud environments (primarily AWS). Key Responsibilities: 1. Continuous improvement of security practices in DevOps and cloud (AWS) 2. Implementation of security policies and best practices (IAM, KMS, WAF) 3. Collaboration in the creation and maintenance of secure CI/CD pipelines At **BYKON Consulting**, we are a boutique of digital experts who enhance people’s experiences through the development of innovative solutions. In this instance, we are actively seeking a DevSecOps Jr. with experience in: \- implementation and continuous improvement of security practices in DevOps and cloud environments (primarily AWS). The ideal candidate must possess foundational knowledge in automation and cloud security. * AWS: o Support secure configuration and administration of AWS services (EC2, S3, IAM, VPC, etc.). o Site-to-Site VPNs o Implement security policies and best practices (IAM, KMS, Security Groups, CloudTrail, Security Hub, WAF). o Automate infrastructure provisioning using Terraform and Ansible. o Monitor compliance and vulnerabilities across cloud infrastructure. Ansible and Terraform: o Create, maintain, and improve Ansible playbooks for configuration management and secure application deployment. o Develop and maintain Terraform modules, templates, and scripts for infrastructure-as-code provisioning, ensuring integration of security controls. o Automate system and application patching and updates. * Docker: o Build and maintain secure and efficient Docker images. o Manage the container lifecycle, ensuring integration of security practices (scanning, hardening). o Support implementation of vulnerability scanning for container images. * GitHub Actions: o Collaborate in the creation and maintenance of secure CI/CD pipelines using GitHub Actions. o Integrate static (SAST) and dynamic (DAST) application security testing into the CI/CD workflow. o Automate deployments and audits within the pipeline. * Kubernetes/EKS: o Cluster and service administration. * General: o Stay current with DevSecOps trends and industry best practices. * Basic technical English proficiency. Desirable: * Prior experience in security automation projects. * NoSQL, in-memory, and SQL databases. * Scripting knowledge (Python, Bash, Node, etc.) Employment Type: Full-time Salary: Starting at $25,000.00 per month Benefits: * Medical expense insurance Experience: * AWS infrastructure management: 4 years (Desirable) * Terraform: 4 years (Desirable) * Hardening and Scanning (Docker): 4 years (Desirable) Work Location: Remote/hybrid at 11530, Polanco II Sección, CDMX