AWS Serverless DevOps & Security Automation Engineer

Project Overview & Business Challenge

• Company Introduction: We have a new product that is built entirely on a serverless architecture using AWS Lambda, API Gateway, and DynamoDB. We need to move this product to production efficiently and securely.
• The Challenge: Our team lacks expertise in securing and managing serverless environments. We need to establish a robust CI/CD pipeline, ensure our Lambda functions and API Gateway endpoints are secure, and automate deployment processes. A security breach in our serverless architecture could have severe consequences.
• Objective: The goal is to design and implement a secure and automated CI/CD pipeline for our serverless application, focusing on security best practices, monitoring, and efficient deployment.

Detailed Job Description & Responsibilities

• Core Tasks:
• Design and implement a complete CI/CD pipeline for serverless applications using AWS services and tools (e.g., CodePipeline, Serverless Framework).
• Implement Infrastructure as Code (IaC) using tools like AWS SAM or Terraform to manage all serverless resources.
• Secure AWS Lambda functions and API Gateway endpoints by implementing proper IAM roles, API key management, and input validation.
• Integrate security scanning tools into the pipeline to check for vulnerabilities in the code and dependencies.
• Set up comprehensive monitoring, logging, and alerting for the serverless application using CloudWatch.
• Document the entire DevOps process and provide guidance for our internal team.

Required Skills & Qualifications

• Technical Expertise:
  • Extensive experience with AWS serverless services (Lambda, API Gateway, DynamoDB).
  • Proven expertise in CI/CD pipeline creation and management (AWS CodePipeline, Jenkins).
  • Strong knowledge of Infrastructure as Code (IaC) tools (AWS SAM, Terraform).
  • Proficient in at least one scripting language (Python, Node.js).
  • Deep understanding of serverless security best practices and IAM policies.
  • AWS Certified DevOps Engineer - Professional or AWS Certified Security - Specialty certification is a plus.
• Soft Skills:
  • Excellent communication and technical documentation skills.
  • Proactive problem-solver with a strong focus on automation and security.
  • Collaborative mindset to work with the development team.

Deliverables

• Tangible Outputs:
  • A fully automated and secure CI/CD pipeline for our serverless application.
  • An Infrastructure as Code repository for managing serverless resources.
  • A documented security and monitoring strategy.
  • A final report detailing the implemented changes and recommendations.

Timeline

• Timeline: Project is expected to be completed within 30-45 days.

How to Apply

• Instructions:
  • Submit a proposal outlining your experience with serverless architecture and DevOps.
  • Provide a portfolio or examples of previous work.
  • State your hourly rate for this project.

 Skills

• Technical: AWS Lambda, API Gateway, DynamoDB, CI/CD, Serverless Framework, AWS SAM, Terraform, Python, Node.js, IAM.
• Soft: Communication, Collaboration, Documentation, Problem-solving.