跳到主要內容

DevSecOps Engineer

00068642761

DevSecOps Engineer

Experience: 12+ years

Job Summary

We are looking for a DevSecOps Engineers who can help lead our infrastructure-as-code and CICD deliverables for the AIM project and raise the bar on security across the AIM program. You will design and maintain Terraform modules consumed by multiple teams build secure CI/CD pipelines and ensure every provisioned resource follows least-privilege principles. You will work within HCP Terraform using VCS-driven workflows and help shape how the team adopts AI-assisted development tooling responsibly.

Please note, this role is not able to offer visa transfer or sponsorship now or in the future*

Responsibilities

What You’ll Do

Design build and maintain reusable Terraform modules with clear interfaces versioning and documentation so other teams can self-serve infrastructure safely

  • Manage and optimize HCP Terraform workspaces using VCS-driven workflows - including workspace design variable sets run triggers and policy enforcement
  • Provision and manage cloud resources (primarily AWS) following least-privilege access patterns and security best practices
  • Manage secrets and sensitive configuration using HashiCorp Vault and/or AWS Secrets Manager
  • Build and maintain CI/CD pipelines (GitHub Actions) with proper gating scanning testing and promotion workflows that integrate with HCP Terraform VCS-driven run model
  • Conduct security reviews of infrastructure code and pipeline configurations

What You Bring

Must Have

  • 5+ years of hands-on Terraform experience including writing modules with proper state management remote backends and provider configuration
  • Hands-on Experience with HCP Terraform (Terraform Cloud) specifically VCS-driven workflows - workspace configuration speculative plans on PRs run approvals and managing workspace variables/variable sets
  • Experience with HCP Terraform private registry for publishing and consuming internal modules
  • Strong understanding of AWS IAM - policies roles trust relationships permission boundaries and service control policies
  • Hands-on Experience with at least one secrets management platform: HashiCorp Vault or AWS Secrets Manager
  • Solid understanding of OIDC and federated identity -how trust is established token exchange and practical application in CI/CD and cloud access
  • Proven experience building and maintaining CI/CD pipelines in GitHub Actions or GitLab CI/CD including environment promotion approval gates and artifact management
  • Security-first mindset - you default to deny scope permissions tightly and can articulate why
  • Hands-on Experience using AI coding assistants (Amazon Q Kiro GitHub Copilot or similar) with a clear understanding of when to trust verify and override AI-generated output
  • Commitment to human-in-the-loop practices code review manual approval gates for production and treating AI output as a draft - never as the final word

Nice to Have

  • Experience with Sentinel within HCP Terraform
  • Knowledge of infrastructure testing tools
  • Contributions to internal developer platforms or self-service infrastructure tooling

How We Work

  • Infrastructure changes are driven through VCS - a push or PR triggers speculative plans and runs in HCP Terraform with peer review required before apply
  • AI tools accelerate our work but every change is reviewed by a human before merging
  • We treat security as a shared responsibility not a gate at the end
  • We document architectural decisions and keep runbooks current
  • We prefer simple maintainable solutions over clever ones

Applications will be accepted until 7/28/2026

The annual salary for this position is between $100,000- $155,000 depending on experience and other qualifications of the successful candidate.

This position is also eligible for Cognizant’s discretionary annual incentive program, based on performance and is subject to the terms of Cognizant’s applicable plans.

Benefits: Cognizant offers the following benefits for this position, subject to applicable eligibility requirements:

· Medical/Dental/Vision/Life Insurance

· Paid holidays plus Paid Time Off

· 401(k) plan and contribution

· Long-term/Short-term Disability

· Paid Parental Leave

· Employee Stock Purchase Plan

Disclaimer: The salary, other compensation, and benefits information is accurate as of the date of this posting. Cognizant reserves the right to modify this information at any time, subject to applicable law.


关于高知特 (Cognizant)
高知特(Cognizant)(纳斯达克代码:CTSH)作为一家AI Builder和相关技术服务提供商,致力于通过打造全栈AI解决方案,帮助企业将人工智能投资转化为实际价值。公司凭借深厚的行业经验、流程优化和工程技术专长,将企业独特的业务场景融入科技系统,赋能组织释放人才潜能,推动切实成果,并帮助全球企业在瞬息万变的环境中保持领先。如需了解更多详情,敬请访问 cognizant.ai 或关注@cognizant。

补充雇佣信息
薪酬信息截至本职位发布之日为准。Cognizant 保留在适用法律允许的范围内随时修改该信息的权利。
申请人可能需要通过现场面试或视频会议的方式参加面试。此外,候选人在每次面试时可能需要出示其当前所在州或政府签发的有效身份证件。
Cognizant 是一家提供平等就业机会的雇主。在招聘过程中,您的申请和候选资格不会因种族、肤色、性别、宗教、信仰、性取向、性别认同、国籍、残疾、遗传信息、怀孕、退伍军人身份或任何其他受联邦、州或地方法律保护的特征而受到影响。

帮助您蓬勃发展与成长的福利

我们的福利计划以您为中心打造——帮助您享受充实、平衡且健康的生活。
有葉子的植物的藍色線條圖

财务健康

我们会定期审查市场数据,确保薪酬体现您所带来的价值。您的福利不仅限于薪资,还可能包括退休计划、财务教育等。

Stay Healthy Midnight Blue RGB

身心健康

我们通过带薪休假、在条件允许下的灵活工作安排、医疗保障计划、心理咨询、心理健康盟友计划等,赋能您将身心健康放在首位。

Build The Career You Want Midnight Blue RGB

您的职业发展,由您做主

在 Cognizant 提供的 35 万多个岗位中,您将有机会探索新的技术、行业和工作地点,并打造推动职业发展的关键技能。

Making A Meaningful Impact Midnight Blue RGB

现实世界的影响力

想想您所依赖的那些知名品牌。很可能,他们也依赖我们来帮助强化其业务。在这里,您将把大胆的想法转化为改善全球生活的解决方案。

还没有找到合适的机会吗?

获取为您量身定制的最新职位机会、招聘活动和公司新闻!

掌握最新动态