DevSecOps Engineer, Internal Security

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience
• Proven experience as a DevSecOps Engineer or in a similar security engineering role, including significant enterprise and cloud security exposure
• Deep understanding of security principles, best practices, and regulatory frameworks (especially GDPR, with strong working knowledge of HIPAA, SOC, SOX, and PCI)
• Expertise with Azure and AWS cloud security; proficiency with Google Cloud Platform and Oracle Cloud are a plus
• Hands-on experience with programming/scripting (such as Python, Bash, PowerShell), plus experience using secure coding practices
• Familiarity with code review techniques, security assessment tools, penetration testing approaches, and vulnerability scanner platforms
• Direct experience with CI/CD pipelines and automation tools
• Fundamental knowledge of container security (e.g., Docker, Kubernetes) and IaC applications
• Excellent verbal and written communication skills to effectively advise technical and non-technical stakeholders
• Strong problem-solving abilities and interpersonal skills suited to a collaborative, team-driven environment

Nice To Haves

• Security certifications (CISSP, CEH, OSCP, or similar)—strongly preferred but not mandatory; demonstration of practical expertise in both security and development/programming is most critical
• Prior exposure to consulting, training, or facilitating cross-functional security workshops is a plus
• Experience helping build security programs from the ground up, ideally in partnership with CISO or security leadership
• The candidate must be comfortable operating in a dynamic, growth-oriented environment with the willingness to take initiative and help shape the future of Accordion’s security posture
• Excited to be part of a growing team, with a focus on driving future growth
• Passionate about delivering exceptional client service
• Knowledgeable about the relationship between Private Equity sponsors and their portfolio companies, particularly within the office of the CFO
• Willing to get your hands dirty in the details of a project while simultaneously seeing the whole picture
• Comfortable managing projects with multiple complex workstreams while also focused on your single workstream (you are managing and doing)
• A self-starter with a strong work ethic
• Full of entrepreneurial spirit and comfortable in a fluid, flat organization
• Able to effectively communicate complex issues and solutions, and raise issues to senior team members when necessary
• A team player, able to work with team members across all levels
• Someone who enjoys mentoring others and doing meaningful work
• A leader of others; you lead by example

Responsibilities

• Collaborate with internal development teams to ensure deliverables meet enterprise security standards and best practices in our software development lifecycle
• Participate in code and architecture reviews, providing actionable recommendations and secure alternatives
• Advise on and help integrate secure solutions into application and infrastructure pipelines across Azure, AWS, Google Cloud Platform, and Oracle Cloud
• Work with the Security Engineer and Cloud Engineer to proactively identify, assess, and mitigate security risks in cloud environments and in any infrastructure as code
• Lead the implementation of recommendations from penetration tests and vulnerability assessments, working hands-on with development stakeholders
• Support the build-out of a robust DevSecOps program, partnering with Accordion’s CISO and Information Security Manager
• Serve as a subject matter expert to educate development teams with best practices regarding the SDLC
• Review CI/CD platforms (e.g., Jenkins, GitLab, AzureDataFactory, Databricks) and containers to ensure secure deployments
• Maintain awareness of emerging threats, security technologies, and compliance requirements relevant to Accordion’s business and clients
• Design and implement security policies, standards, and guidelines for development best practices tailored to Accordion’s and our client’s risk profile and industry frameworks (including GDPR, HIPAA, SOC, SOX, and PCI)
• Consistently support Security services firmwide as Accordion grows and scales