Job Summary: We are seeking a DevSecOps Engineer to integrate security, automation, and operational efficiency into the software development lifecycle, ensuring scalable, reliable, and secure technological solutions—from design through to operation—within an energy-sector company. Key Highlights: 1. Participation in high-impact institutional technology initiatives. 2. Integration into an organization undergoing technological transformation. 3. Direct involvement in strategic, highly critical projects. ### **At ISPROX, we are looking for a DevSecOps Engineer** Do you specialize in integrating security, automation, and operational efficiency within the software development lifecycle? Are you interested in ensuring that technological solutions are scalable, reliable, and secure from design through to operation? This position will allow you to participate in high-impact institutional technology initiatives. Our client is a Mexican energy-sector company with nationwide operations, where information security, automation, and operational continuity are **strategic elements for technological modernization and protection of critical systems**. ### **Job Objective** To integrate security practices, automation, and efficient operations throughout the institutional systems’ development and deployment lifecycle, ensuring implementation of secure, scalable, and reliable technological solutions under a *Security by Design* approach and continuous improvement. ### **Key Responsibilities** * Design, implement, and maintain continuous integration and deployment (CI/CD) pipelines with integrated security controls. * Automate provisioning, testing, deployment, and monitoring processes across development, testing, and production environments. * Incorporate vulnerability analysis, security controls, and regulatory compliance at every stage of the DevOps lifecycle. * Administer and optimize on\-premise, hybrid, or cloud infrastructures (AWS, Azure, GCP). * Configure and maintain observability, logging, and monitoring tools (logs, metrics, and alerts). * Implement identity management policies, access controls, data encryption, and secret management. * Collaborate with development, QA, and security teams for early risk detection and mitigation. * Participate in technical audits, security reviews, and preparation of technical documentation. * Promote institutional DevSecOps culture through standardization, training, and continuous improvement. ### **Requirements** #### **Education** * Degree in Systems Engineering, Computer Science, Cybersecurity, Telecommunications, or related field. * Certifications in DevOps (AWS, Azure, Google Cloud), Security (CompTIA Security\+, CISSP, CEH), or Automation (Docker, Kubernetes, Jenkins) are desirable. #### **Knowledge** * CI/CD architectures and associated tools (GitLab CI, Jenkins, CircleCI, Azure DevOps). * Containerization and orchestration (Docker, Kubernetes). * Infrastructure as Code (Terraform, Ansible, CloudFormation). * Application security, vulnerability analysis, and dependency management (OWASP, SonarQube, Snyk). * Cryptography, access control, system hardening, and secret management. * Monitoring and observability (Prometheus, Grafana, ELK Stack, Datadog). * Knowledge of security frameworks and standards (ISO 27001, NIST, ENS, GDPR or equivalent local standards) is desirable. #### **Professional Experience** * Minimum 5 years of experience in system development, operations, or security. * Experience implementing automated pipelines and deploying secure environments. * Participation in digital transformation or institutional technological modernization projects. * Experience managing incidents, responding to vulnerabilities, and conducting technical audits. * Experience in mission-critical or high-availability environments is desirable. ### **We Offer** * Join an organization undergoing technological transformation and strengthening. * Direct participation in strategic, highly critical projects with institutional impact. * Job stability and opportunities for professional development.