At Regions, the Cloud DevSecOps Engineer contributes to the advancement of cloud strategy. The primary focus of this role includes developing, communicating, and implementing robust and secure cloud continuous integration and continuous delivery (CI/CD) pipelines. This role works closely with stakeholders to create fully automated pipelines which support current DevSecOps best practices. The Cloud DevSecOps Engineer will drive innovation through the adoption of AI-enabled security capabilities, including LLM-integrated workflows, intelligent automation, and AI-assisted vulnerability remediation, to improve the effectiveness and efficiency of the Exposure Management program. In this role, you will: Build the integration of security practices, controls, and automated remediation capabilities into CI/CD pipelines, infrastructure-as-code (IaC), and cloud-native development processes to reduce organizational cyber exposure. Partner with Application Development, Platform Engineering, Cloud Engineering, and Security teams to identify, prioritize, and remediate vulnerabilities across applications, containers, cloud services, and code repositories. Drive the adoption and optimization of security tooling, including SAST, DAST, SCA, IaC scanning, secrets detection, container security, and software supply chain security solutions. Develop and maintain risk-based remediation workflows that align vulnerability findings with asset criticality, threat intelligence, exploitability, and business impact. Support the organization's Exposure Management program by establishing security guardrails, preventative controls, and continuous monitoring capabilities that reduce attack surface and security risk. Build security automation and orchestration capabilities to improve vulnerability detection and remediation, policy enforcement, configuration management, and developer self-service security functions. Define and report on key performance indicators (KPIs) and metrics related to application security, remediation effectiveness, security debt reduction, and secure development maturity. Serve as a security advocate for engineering teams, promoting secure-by-design principles, developer education, and a culture of shared responsibility for cybersecurity risk management.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Job Type
Full-time
Career Level
Mid Level
Education Level
High school or GED