Role Description You'll work under the Lead DevOps Engineer as a key contributor on a collaborative team, executing on infrastructure work, responding to incidents, and helping keep our multi-cloud environments reliable and secure. You're someone who takes direction well, communicates proactively, and brings enough experience to work independently on complex tasks without needing hand-holding. This is a hands-on, execution-focused role. You'll be deep in Kubernetes, Terraform, CI/CD pipelines, and on-call rotations day to day. What You Will Do - Infrastructure & Cloud - Contribute to multi-cloud infrastructure across AWS (EKS, IAM, multi-account) and GCP (GKE Autopilot, IAM, multi-project) using Terraform - Help provision and manage per-client environments — VPC, Kubernetes cluster, DNS, SSL, container registry, secrets, and GitOps integration — following established patterns and module library - Manage bastion hosts, networking, firewalls, and VPC peering under guidance from the lead - CI/CD & GitOps - Maintain and improve GitHub Actions pipelines for build, test, and deployment workflows - Support ArgoCD-based GitOps deployments across multiple GKE and EKS clusters - Help maintain reusable workflow templates used across all product repositories - Observability & Incident Response - Monitor application and infrastructure health using New Relic dashboards and alerts - Actively participate in the on-call rotation via PagerDuty — acknowledge alerts promptly, triage issues, escalate when needed, and follow up thoroughly - Contribute to runbooks and post-mortems after incidents - Proactively flag performance issues and anomalies to the team - Security & Secrets Management - Manage and rotate secrets across all environments using Doppler — AWS IAM keys, GCP service account keys, MongoDB Atlas API keys, GitHub tokens - Follow and uphold least-privilege IAM practices across AWS, GCP, GitHub, and Azure AD - Assist with employee access provisioning and offboarding Qualifications - 7+ years in a DevOps, SRE, or Platform Engineering role - Strong Terraform skills — modules, remote state, multi-environment configurations - Hands-on experience with AWS (EKS, IAM, EC2, S3, multi-account) and GCP (GKE, IAM, Workload Identity) - Kubernetes — Helm, RBAC, namespaces, cluster troubleshooting - GitHub Actions — building and maintaining CI/CD pipelines, reusable workflows - ArgoCD or similar GitOps tooling - Active on-call experience — you've been paged, you know how to triage fast and communicate clearly under pressure - New Relic or equivalent (Datadog, Grafana) — dashboards, alerts, log querying - PagerDuty — on-call rotations, escalation policies, alert routing - Secrets management — Doppler, Vault, or AWS Secrets Manager - Strong scripting in Bash and/or Python - A team-first attitude — you share knowledge, ask questions early, and don't go dark Nice to Have - GCP Workload Identity Federation and AWS IRSA (keyless CI/CD auth) - MongoDB Atlas administration (clusters, VPC peering, API key management) - Azure AD / Entra ID user and access management - Slack app integrations for deployment approvals and alerting - Experience managing infrastructure for multiple clients or tenants from a single codebase Benefits - Competitive compensation and equity - A remote-first, collaborative culture

• Co-responsibility for system availability: You will actively contribute to the availability, reliability and efficiency of our complex system architecture. • Maintenance and automation: You will support the maintenance and automation of our existing infrastructure. • Monitoring and analysis: You will improve our monitoring strategies and perform comprehensive root-cause analyses. • High availability: You must be prepared to respond during off-hours, including occasional overnight incidents. • Software development: Several years' experience in one or more programming languages is required.

• Operation and further development of global cloud infrastructures (Kubernetes, APIs, monitoring tools) • Incident and problem management including root cause analysis • Implementation of optimizations at the system and process level • On-call duty rotated within the team (24/7, with response time < 5 minutes) • Close collaboration with engineering, service, and customer teams • Cross-team communication in English (daily/weekly remote meetings, on-site team days)

Thank you for your interest in a career at Regions. At Regions, we believe associates deserve more than just a job. We believe in offering performance-driven individuals a place where they can build a career --- a place to expect more opportunities. If you are focused on results, dedicated to quality, strength and integrity, and possess the drive to succeed, then we are your employer of choice. Regions is dedicated to taking appropriate steps to safeguard and protect private and personally identifiable information you submit. The information that you submit will be collected and reviewed by associates, consultants, and vendors of Regions in order to evaluate your qualifications and experience for job opportunities and will not be used for marketing purposes, sold, or shared outside of Regions unless required by law. Such information will be stored in accordance with regulatory requirements and in conjunction with Regions’ Retention Schedule for a minimum of three years. You may review, modify, or update your information by visiting and logging into the careers section of the system. Job Description: At Regions, the Cloud DevSecOps Engineer contributes to the advancement of cloud strategy. The primary focus of this role includes developing, communicating, and implementing robust and secure cloud continuous integration and continuous delivery (CI/CD) pipelines. This role works closely with stakeholders to create fully automated pipelines which support current DevSecOps best practices. Primary Responsibilities - Partners with other engineers and information technology staff to orchestrate code builds, quality and security analyses, deployments, and automated testing through CI/CD release candidacy pipelines - Articulates business needs and translate them into technology solutions - Models release candidate CI/CD pipelines as a mechanism to communicate the states and steps necessary to determine a release candidate for each application and service - Designs and develops fully autonomous CI/CD pipelines which facilitate cloud deployments which includes automation of all infrastructure, services and application build and deployment - Ensures that all parts of the pipeline follow good software engineering practices to include automated tests and infrastructure tests - Researches new technologies that will improve efficiency and effectiveness - Implements highly scalable CI/CD platforms to support high change volumes and fast feedback - Automates operational activities and tasks - Responds to performance issues identified by alerts and reported incidents related to CI/CD platforms - Builds tools which reduce errors and improve our overall customer experiences - Assists in troubleshooting of production issues and ensure pipeline and infrastructure produces clear documentation and metrics which enables Root Cause Analysis - Develops and tests – Ansible Playbooks, Terraform Scripts, Packer Scripts and establish immutable infrastructure such that patches are an artifact of the past - Works with Enterprise Architecture, Information Security (InfoSec), Software Delivery, and Quality Assurance to enable the organization to move to the cloud using complete automation - Partners across Technology, Operations, Digital, and Data (TODD) to ensure controls are designed, implemented, and monitored to strengthen risk management, compliance, and cyber security, effectively mitigating risk to levels within the company’s risk appetite - Practices disciplined change management by evaluating risk and control impacts when designing or implementing changes to processes, systems, products, and/or services and ensures appropriate updates to procedures, training, and controls are made accordingly This position is exempt from timekeeping requirements under the Fair Labor Standards Act and is not eligible for overtime pay. Requirements - High School Diploma or GED and eight (8) years of related post-secondary education and/or experience in Information Security or Information Technology Preferences - Four (4) years of relevant DevSecOps experience - AWS DevOps certification or Azure DevOps certification - Experience in building / deploying cloud native applications – OpenShift, Azure Kubernetes Service (AKS) - Experience in observing real-time metrics in the pipeline and deployment strategies – Blue/Green, Canary Deployment - Experience with either AWS or Azure cloud technologies - Experience with interfacing with secrets management solutions like Hashicorp Vault - Familiar with implementing Chaos engineering principles in the pipeline to determine weak links and suggest solutions. - Familiar with testing tools used to facilitate automation and integration of the tools into CI/CD pipelines - Must be comfortable in developing pipelines as code using yaml specs, ansible playbooks Skills and Competencies - Ability to interpret and ensure compliance with applicable rules, regulations, and industry guidance - Excellent communication skills and willing to mentor developers and other team members in the art of DevSecOps - Excellent knowledge of Cloud infrastructure, networking, services, and cloud architectural patterns; specifically, compute using virtual machines, managed infrastructure, containers, serverless, as well as database services, security services, and application services - Proficient in python programming language - Understanding of Shift Left principles and facilitation technologies - Working Knowledge of Jenkins, Azure DevOps, Ansible, Terraform, Packer, Git, ServiceNow a big plus This position is currently offsite, preferably close to a Regions office within our retail branch footprint (click here to see our locations). Associates will work from their home primarily and may be expected to go on site for meetings or other events as needed. Regions will not sponsor applicants for work visas for this position at this time. Applicants for this position must currently be authorized to work in the United States on a full-time basis. Position Type Full time Compensation Details Pay ranges are job specific and are provided as a point-of-market reference for compensation decisions. Other factors which directly impact pay for individual associates include: experience, skills, knowledge, contribution, job location and, most importantly, performance in the job role. As these factors vary by individuals, pay will also vary among individual associates within the same job. The target information listed below is based on the Metropolitan Statistical Area Market Range for where the position is located and level of the position. Job Range Target: Minimum: $133,059.85 USDMedian: $166,810.00 USD Incentive Pay Plans: This job may participate in an annual discretionary bonus plan. Benefits Information Regions offers a benefits package that is flexible, comprehensive and recognizes that "one size does not fit all" for benefits-eligible associates. Listed below is a synopsis of the benefits offered by Regions for informational purposes, which is not intended to be a complete summary of plan terms and conditions. - Paid Vacation/Sick Time - 401K with Company Match - Medical, Dental and Vision Benefits - Disability Benefits - Health Savings Account - Flexible Spending Account - Life Insurance - Parental Leave - Employee Assistance Program - Associate Volunteer Program Please note, benefits and plans may be changed, amended, or terminated with respect to all or any class of associate at any time. To learn more about Regions’ benefits, please click or copy the link below to your browser. https://www.regions.com/about-regions/welcome-portal/benefits Location Details Riverchase Operations Center Location: Hoover, Alabama Equal Opportunity Employer/including Disabled/Veterans Job applications at Regions are accepted electronically through our career site for a minimum of five business days from the date of posting. Job postings for higher-volume positions may remain active for longer than the minimum period due to business need and may be closed at any time thereafter at the discretion of the company.