This is a remote position. Junior DevSecOps Engineer Overview We are seeking a Junior DevSecOps Engineer to support the development, security, and deployment of AI-driven applications and data platforms. This role will help integrate security best practices into DevOps processes, ensuring safe, reliable, and scalable solutions across AWS, Azure, Tableau, Power BI, and DealCloud CRM integrations. This is an excellent opportunity for someone early in their career to gain hands-on experience in cloud engineering, DevOps, and security within an AI-focused environment. Key Responsibilities - Assist in building and maintaining CI/CD pipelines for applications and data platforms - Support implementation of DevSecOps practices, embedding security into development and deployment workflows - Help manage and maintain cloud environments (AWS and/or Azure) - Assist with infrastructure as code (IaC) using tools such as Terraform, CloudFormation, or Bicep - Support security scanning and vulnerability management (e.g., SAST, DAST, dependency scanning) - Monitor systems and assist with incident response and remediation - Collaborate with engineering, QA, and security teams to ensure secure and efficient deployments - Assist in managing identity and access controls (IAM, Azure AD) - Support logging, monitoring, and observability tools - Document processes, configurations, and runbooks Requirements Required Qualifications - 1–3 years of experience in DevOps, Cloud Engineering, IT Security, or related roles - Basic understanding of cloud platforms (AWS and/or Azure) - Familiarity with CI/CD tools (e.g., GitHub Actions, Jenkins, Azure DevOps) - Exposure to infrastructure as code concepts (Terraform, CloudFormation, or similar) - Basic knowledge of security principles (e.g., authentication, encryption, vulnerability management) - Experience with version control systems (e.g., Git) - Strong problem-solving and troubleshooting skills Key Traits for Success - Eagerness to learn and grow in DevOps and security practices - Strong attention to detail and security mindset - Collaborative team player - Ability to adapt in a fast-paced, evolving environment - Proactive approach to problem-solving

• Build and manage AWS infrastructure using Infrastructure as Code (Terraform), ensuring scalability and maintainability. • Manage and scale Kubernetes (EKS) clusters for high availability and fault tolerance. • Provision, maintain, and upgrade AWS services including RDS, networking, compute, and storage components. • Design, implement, and optimize CI/CD pipelines to improve deployment speed and reliability. • Oversee and maintain GitLab infrastructure and engineering workflows. • Collaborate with security and legal teams to support compliance initiatives (SOC 2, GDPR, etc.). • Monitor infrastructure performance using tools like Grafana, CloudWatch, and other observability platforms. • Implement strong alerting, monitoring, and incident response processes. • Lead incident resolution and root cause analysis, ensuring long-term fixes are implemented. • Participate in architecture design, capacity planning, and disaster recovery strategies. • Create and maintain documentation, runbooks, and infrastructure standards. • Mentor junior engineers and contribute to a high-performing DevOps culture.

• Lead DevOps initiatives for a large legacy system currently in production, with limited documentation. Strong discovery, assessment, and documentation skills are essential. • Drive the three main pillars of the modernization program: • **Platform modernization to serverless architectures** • **Security standardization and vulnerability management** • **Monitoring standardization across environments** • Collaborate closely with Moody’s engineering and operations teams to ensure cross-team alignment and a smooth transition. • Troubleshoot and independently resolve technical issues that arise during modernization and migration efforts. • Architect, design, and optimize deployment pipelines and automation systems. • Support the definition of standards, processes, and best practices for DevOps and cloud modernization.

Role Description As a DevSecOps Lead, you will own iBwave’s security and compliance program (SOC2, GDPR) while playing a hands-on role in the configuration and operation of security tools and automation. You will work closely with IT, DevOps, Engineering, and Legal to implement scalable, secure, and automated solutions across our environment. Key Responsibilities - Own and manage the security and compliance program (SOC2, GDPR) - Ensure policies, controls, and audit readiness through continuous monitoring and tooling (e.g., Drata) - Configure, manage, and optimize security tools (e.g., Microsoft Sentinel, Defender, cloud security services) - Oversee and improve cloud and infrastructure security across Azure and AWS - Manage vulnerability processes, including scanning, prioritization, and remediation tracking - Define and support security monitoring, alerting, and incident response processes - Lead vendor security due diligence and third-party risk assessments - Support customer security questionnaires and trust initiatives - Design and implement automation (scripts, workflows, integrations) to streamline security and compliance processes - Collaborate with DevOps on advanced integrations and support solution design, testing, and deployment Qualifications - Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent experience - 5+ years in security, compliance, or related roles - Strong hands-on experience with cloud environments (Azure and/or AWS) - Experience configuring and operating security tools (e.g., SIEM, endpoint security, cloud security platforms) - Experience with SOC2 and/or GDPR programs - Ability to develop basic to moderate scripts (e.g., PowerShell, Python) and automation workflows - Strong understanding of cybersecurity principles (IAM, network security, monitoring, vulnerability management) - Strong communication skills and ability to work cross-functionally Benefits - Health and well-being benefits include medical, extended health care, dental and vision as from your first day of work. - You are eligible to participate in the Corning Optical Communications LLC Retirement and Savings Plan on your first day of work. - RRSP with 100% match, up to 5% of your earnings. - The company will contribute 2.5% of your eligible pay each year to the DPSP account. - Long-term disability benefit. - Professional development programs help you grow and achieve your career goals.