Cybersecurity is in high demand, but landing a job has been extremely difficult for so many people because of gate keepers and ridiculous requirements for so many people. DevOps, Solutions Architect and Cloud roles continue to expand. The playing field is leveled for those that want to work remotely.

While some companies and their extroverts want everyone back in the office because their management has not learned the best way to operate teams and projects remotely. DevOps, Cloud Engineer and Solutions Architects are in high demand and their are many roles that will allow you to work remotely no matter where you live or want to work. Hybrid roles have become another popular option for companies. For me, the best blend is a remote role where you have team onsites periodic times throughout the year. I do believe it does have an impact on comraderie to periodically meet and see who you work with. I do believe infrequent meetups is more than enough.

Some will complain, moan and grown about me putting CCNA or Linux certifications, but in this highly competitive world. You need to stand out not only on paper, but in knowledge, skills and abilities. Here you go…

DevSecOps Position Overview

Responsible for architecting, implementing, and overseeing the organization's comprehensive cybersecurity infrastructure with a focus on DevSecOps practices, Linux environments, and AWS cloud infrastructure. This role leads security automation initiatives and coordinates across platform engineering, SRE, and application teams to ensure security-as-code principles are embedded throughout the technology stack. eJPT and PJPT is for the “SEC” part of DevSECOps. While CISSP has name recognition and branding. It will not help you in performing real security tasks in the real world and the OSCP is extremely expensive. Unless a company is going to foot the bills directly or give you a pay bump for having these specific certifications…don’t bother. That really is the case with any IT certification. Unless it is an actual business need for the actual job. Do not waste one minute learning what a company does not care about. Focus only on what is in high demand and when you land a job or do consulting. Focus on what company’s or customer’s care about. Let that guide you on what you need to learn and do. Don’t learn random stuff for the hell of it.

Before You Start Studying Anything…

Dump your social media apps from your phone. Seriously. Put the phone on vibrate so you don’t hear any dinging or ringing and preferably, put it in another room away from your addicted hands. That distraction will hold you back. Cancel Netflix, Hulu, Peacock, Amazon Prime…whatever and focus 100% on studying. Take a break once a week on a day you can veg out, eat out or social media out. ONE day…that’s it. FOCUS! If you want $100,000, $150,000, $200,000 money…you have to be able to solve $100,000-$200,000 problems. Think about this when someone wants to whine, moan and groan about social media, streaming or watching TV or scrolling on apps.

Key Responsibilities

1. Security Architecture and Implementation

• Design and maintain a cloud-native security architecture leveraging AWS security services (GuardDuty, SecurityHub, WAF, Shield) with zero-trust principles

• Implement security observability using ELK Stack, Prometheus, and Grafana for threat detection and monitoring

• Architect containerized security solutions using Docker, Kubernetes, and AWS ECS/EKS with robust security controls

• Develop Infrastructure-as-Code templates using Terraform and CloudFormation with security guardrails

2. Network and Cloud Security

• Design and implement AWS networking components including VPCs, Transit Gateways, and PrivateLink with security best practices

• Configure and maintain Linux-based security tools, iptables, SELinux, and AppArmor profiles

• Implement AWS native security controls including Security Groups, NACLs, and AWS Network Firewall

• Architect secure service mesh implementations using AWS App Mesh or Istio with mTLS

• AWS Direct connect configurations, setup and connections

3. Data Protection and Privacy

• Implement AWS encryption services (KMS, CloudHSM) and secrets management (AWS Secrets Manager, Parameter Store)

• Design data protection strategies using AWS Macie, GuardDuty, and CloudWatch

• Configure Linux-based encryption tools and file system security controls

• Implement secure S3 bucket policies, encryption, and access logging

4. DevSecOps Integration

• Build CI/CD security pipelines using AWS CodePipeline, Jenkins, and GitLab with integrated security scanning

• Implement container security scanning using Trivy, Clair, and AWS ECR scanning

• Develop GitOps workflows with integrated security controls using ArgoCD or Flux

• Create automated security testing using AWS CodeBuild with SAST/DAST tools

• Configure Security Hub custom actions and EventBridge rules for automated remediation

5. Infrastructure Security

• Implement AWS Systems Manager for secure host management and patching

• Configure AWS Config rules and remediation actions for continuous compliance

• Design secure AMI building pipelines using Packer with hardened Linux configurations

• Implement AWS Control Tower and Organizations for multi-account security

6. Identity and Access Management

• Design IAM policies following least privilege principles using AWS IAM Access Analyzer

• Implement SAML/OIDC federation with AWS IAM Identity Center (formerly AWS SSO)

• Configure fine-grained permissions using AWS IAM roles and instance profiles

• Manage service account security using AWS STS and temporary credentials

7. Monitoring and Incident Response

• Build security monitoring using CloudWatch, CloudTrail, and AWS Security Hub

• Implement automated incident response using AWS Lambda and Step Functions

• Configure centralized logging using OpenSearch Service and CloudWatch Logs

• Design runbooks and playbooks using AWS Systems Manager Automation

8. Compliance and Security Assessments

• Implement continuous compliance monitoring using AWS Audit Manager and Config Rules

• Conduct infrastructure security assessments using AWS Inspector and Security Hub

• Maintain compliance with AWS security standards and benchmarks

• Automate security controls validation using AWS CloudFormation Guard

Technical Competencies

• Expert knowledge of AWS security services and architectural best practices

• Advanced Linux system administration and security hardening

• Proficiency in IaC tools (Terraform, CloudFormation, Jenkins, CDK)

• Strong containerization and Kubernetes security expertise

• Advanced scripting in Python, Bash, Javascript, HTML, CSS (You can learn others as needed by a company paying you actual money)

• Deep understanding of CI/CD security integration

• Experience with cloud-native observability tools

• Expertise in automated security testing and scanning

• Knowledge of compliance frameworks (CIS, NIST, SOC2)

AWS Certification Track

CompTIA Security+ (US Gov Jobs or US Corporations)

AWS Certified Solutions Architect - Associate:

• https://skillbuilder.aws/roles#solutions-architect

• https://skillbuilder.aws/roles#cloud-operator-sysops

AWS Certified Solutions Architect - Professional

AWS Certified DevOps Engineer:

• https://skillbuilder.aws/roles#devops-engineer

Linux Foundation Certified Systems Administrator - LFCS

Red Hat Certified Systems Administrator - RHCSA

Cisco Certified Network Associate - CCNA

Hashicorp Terraform Certification

GitLab Certified Associate

Certified Jenkins Engineer:

• https://university.cloudbees.com/path/jenkins-community-training-certification

Certified Kubernetes Administrator (CKA)

Practical Junior Penetration Tester (PJPT)

INE Junior Penetration Tester (eJPT)

PCEP - Certified Entry-Level Python Programmer

GCP Certification Track

CompTIA Security+ (US Gov Jobs or US Corporations)

Google Cybersecurity Certificate

Google Cloud Cybersecurity Certificate

• https://www.cloudskillsboost.google/paths/419

Linux Foundation Certified Systems Administrator - LFCS

Red Hat Certified Systems Administrator - RHCSA

Cisco Certified Network Associate - CCNA

Hashicorp Terraform Certification

GitLab Certified Associate

Certified Jenkins Engineer:

• https://university.cloudbees.com/path/jenkins-community-training-certification

Google Cloud Associate Cloud Engineer

• https://www.cloudskillsboost.google/paths/11

Google Cloud Professional Cloud Architect

Google Cloud Professional Cloud DevOps Engineer

• https://www.cloudskillsboost.google/paths/20

• https://www.cloudskillsboost.google/paths/76

Certified Kubernetes Administrator (CKA)

Practical Junior Penetration Tester (PJPT)

INE Junior Penetration Tester (eJPT)

PCEP - Certified Entry-Level Python Programmer

Popular Self-Paced Bootcamps

Popular Self-Paced Training:Cheapest (Cybersecurity):

1.

https://www.sheastech.io

(Tuition: $0.00 + Admissions Fee) 100% Self-PacedCheaper (Tutorials Dojo) + Real Hands-On Labs Access

2. Tutorials Dojo: https://tutorialsdojo.com/Reasonable (KodeKloud) + Real Hands-On Labs Access

3. KodeKloud: https://kodekloud.com/Workable (TechWorld with Nana) + No Hands-On Labs

3a. Intro to IT ($495 USD)

3b. DevOps Bootcamp ($1795) - Not for Complete IT Newbies

Workable (TechWorld with Nana) + No Hands-On Labs:

4. Intro to IT ($495 USD)

4a. DevOps Bootcamp ($1795) - Not for Complete IT Newbies

Roof on Fire (Yellowtail.tech) + Internal Accessible Labs:

5. Linux (RHCSA) Training ($8000-$10,000)

5a. Approved MD Workforce Trainer:

https://yellowtail.tech/

Insane (Flatiron School) - Very Good & Amazing $0.00 Prep/Try Classes:

6. https://flatironschool.com/tuition-financing/ (Extreme High Cost)

6a. https://flatironschool.com/free-lessons/#coding (Try Before You Buy)

6b. Tuition: $16,900-$17,900 (which is eye watering... 😢 🥹).

NOTE: Some people may justify high cost training and fall for ridiculous sales pitches for schools $8000-$18,000 because of greed and dreams of making huge amounts of money, but to each his own. I don't knock any company for making money off of people who aren't self-disciplined and self-organized.