Development, Security, and Ops Engineer (DevSecOps)
Apply NowCompany: Aspira
Location: Dallas, TX 75217
Description:
Development, Security, Operations Engineer
Aspira | Engineering
About Aspira
For forty years, Aspira has been the market-leading software and services provider for the great outdoors, primarily for state and provincial parks and wildlife agencies. As part of our constant evolution, we're executing an aggressive multi-year transformation to accelerate revenue growth, optimize cost structures, and maximize shareholder value while expanding our market position.
The leadership team has reset the company's core values to drive our transformation: Customer Obsession, Forward Momentum, One Team One Dream, Radical Transparency, Win with Integrity, and Excellence guide everything we do.
The Ideal Candidate
This is a pivotal role where you'll lead the integration of security best practices directly into our CI/CD pipelines, infrastructure, and development workflows - ensuring our new platform is secure, scalable, and resilient from the ground up.
Key Responsibilities
Build and Enhance CI/CD Pipelines:
Design, implement, and maintain secure, automated CI/CD pipelines to support our platform rebuild.
Integrate Security into Development Processes:
Automate security scans, code analysis, and compliance checks into the development lifecycle.
Cloud Infrastructure Security:
Define and enforce security standards for cloud infrastructure (primarily AWS) using Infrastructure as Code (IaC) tools like SST, Terraform or CloudFormation.
Application & Container Security:
Implement best practices for securing serverless services across our AWS infrastructure.
Incident Response & Monitoring:
Establish robust monitoring, logging, and alerting systems, and play a key role in incident detection, triage, and response.
Collaborate Across Teams:
Work closely with software engineers, product teams, and operations to embed security into every stage of the software lifecycle.
Contribute to Security Policies and Governance:
Help shape security standards, policies, and processes to support a modern, scalable, cloud-native SaaS environment.
Qualifications
5+ years of experience in DevOps, Security Engineering, or DevSecOps roles within SaaS or cloud environments.
Deep expertise with AWS (Lambda, API Gateway, AppSync, DynamoDB, CDK/SST, IAM, KMS).
Proven record building CI/CD pipelines in GitHub Actions.
Strong background managing a monorepo (workspace tooling, dependency management) for local development and cloud CI/CD.
Scripting proficiency (TypeScript).
Solid understanding of networking, security, and cost-optimization in the cloud.
Deep understanding of secure coding practices, cloud security architecture, and modern application security principles.
Desired Education and Experience
Experience automating infrastructure security, monitoring, and compliance controls.
Excellent collaboration, communication, and problem-solving skills.
Experience in rebuilding or re-platforming SaaS applications.
Familiarity with zero-trust security models and modern identity management practices.
Security certifications (CISSP, AWS Security Specialty, GIAC, or equivalent).
Experience with tools like Vault, AWS Security Hub, or Twistlock.
Skills & Requirements Qualifications
Aspira | Engineering
About Aspira
For forty years, Aspira has been the market-leading software and services provider for the great outdoors, primarily for state and provincial parks and wildlife agencies. As part of our constant evolution, we're executing an aggressive multi-year transformation to accelerate revenue growth, optimize cost structures, and maximize shareholder value while expanding our market position.
The leadership team has reset the company's core values to drive our transformation: Customer Obsession, Forward Momentum, One Team One Dream, Radical Transparency, Win with Integrity, and Excellence guide everything we do.
The Ideal Candidate
This is a pivotal role where you'll lead the integration of security best practices directly into our CI/CD pipelines, infrastructure, and development workflows - ensuring our new platform is secure, scalable, and resilient from the ground up.
Key Responsibilities
Build and Enhance CI/CD Pipelines:
Design, implement, and maintain secure, automated CI/CD pipelines to support our platform rebuild.
Integrate Security into Development Processes:
Automate security scans, code analysis, and compliance checks into the development lifecycle.
Cloud Infrastructure Security:
Define and enforce security standards for cloud infrastructure (primarily AWS) using Infrastructure as Code (IaC) tools like SST, Terraform or CloudFormation.
Application & Container Security:
Implement best practices for securing serverless services across our AWS infrastructure.
Incident Response & Monitoring:
Establish robust monitoring, logging, and alerting systems, and play a key role in incident detection, triage, and response.
Collaborate Across Teams:
Work closely with software engineers, product teams, and operations to embed security into every stage of the software lifecycle.
Contribute to Security Policies and Governance:
Help shape security standards, policies, and processes to support a modern, scalable, cloud-native SaaS environment.
Qualifications
5+ years of experience in DevOps, Security Engineering, or DevSecOps roles within SaaS or cloud environments.
Deep expertise with AWS (Lambda, API Gateway, AppSync, DynamoDB, CDK/SST, IAM, KMS).
Proven record building CI/CD pipelines in GitHub Actions.
Strong background managing a monorepo (workspace tooling, dependency management) for local development and cloud CI/CD.
Scripting proficiency (TypeScript).
Solid understanding of networking, security, and cost-optimization in the cloud.
Deep understanding of secure coding practices, cloud security architecture, and modern application security principles.
Desired Education and Experience
Experience automating infrastructure security, monitoring, and compliance controls.
Excellent collaboration, communication, and problem-solving skills.
Experience in rebuilding or re-platforming SaaS applications.
Familiarity with zero-trust security models and modern identity management practices.
Security certifications (CISSP, AWS Security Specialty, GIAC, or equivalent).
Experience with tools like Vault, AWS Security Hub, or Twistlock.
Skills & Requirements Qualifications