Website Nathan Digital
Founded in 2020, Nathan Digital is a premiere software company in Dubai additionally based in six countries around the world. We provide a radical shift for businesses looking to elevate their operations. We achieve this by creating software suites and state-of-the-art technology that helps these… read more enterprises discover detailed and personalized insights and significantly improve performance.
We are seeking a DevOps Engineer with 3–5 years of experience to integrate security seamlessly into our cloud infrastructure, applications, and delivery pipelines. This role combines a strong focus on security with core DevOps practices, ensuring fast, reliable, and secure software delivery.
What You’ll Do
Build, maintain, and optimize CI/CD pipelines using Bitbucket, Jenkins, or GitHub Actions.
Containerize applications with Docker and manage images securely.
Deploy and manage services across AWS (ECS, EC2, ALB, EKS) and maintain environment configurations.
Integrate security throughout the development lifecycle, including SAST, DAST, and dependency scanning.
Secure secrets using HashiCorp Vault, AWS Secrets Manager, or Systems Manager and enforce best practices for sensitive data.
Harden Docker images and base images for production readiness.
Monitor security alerts, investigate incidents, and develop response playbooks.
Implement security controls across cloud infrastructure (IAM, VPC, Security Groups, WAF, KMS) and enforce least privilege access.
Collaborate with developers to improve secure coding and deployment practices.
Automate vulnerability scans, compliance checks, and remediation workflows to reduce manual effort.
Support audits, client security questionnaires, and documentation to maintain compliance readiness.
What We’re Looking For
3–5 years of experience in DevSecOps, cloud security, or related.
Strong experience with AWS services and cloud security fundamentals (IAM, VPC, ECS, EC2, KMS, WAF).
Hands-on experience with CI/CD pipelines.
Proficiency in Docker and container management.
Experience with security tools such as Snyk, Trivy, or OWASP ZAP.
Skilled in scripting and automation with Python and Bash.
Understanding of threat detection, incident response, and cloud security monitoring.
Nice to Have
Kubernetes security exposure.
Familiarity with ISO/SOC2 compliance frameworks.
Experience with cloud cost optimization and secure network design.
What Success Looks Like
CI/CD pipelines are secure, automated, and free of manual gaps.
No hardcoded secrets, with strong secrets management practices in place.
Faster detection and response to security threats.
Infrastructure is audit-ready and compliant with security standards.
Applications and services are deployed securely without compromising delivery speed.
Apply Through: