DevSecOps Engineer

Quzara LLC

57d•Remote

About The Position

The DevSecOps Engineer (Detection & Pipeline Security) plays a pivotal role at the crossroads of DevOps, Security Engineering, and Threat Detection. This position is responsible for managing secure CI/CD pipelines across high-compliance environments and ensuring detection logic is deployed and maintained with the same rigor as application code. This engineer will own the secure release management of Quzara’s Authorized Platforms while operationalizing “Shift Left” principles—integrating security scanning, container validation, and detections into early stages of the development lifecycle. The ideal candidate is deeply technical, thrives in high-security environments, and collaborates closely with both engineering and SOC teams.

Requirements

Prior experience in a DevSecOps or Security Engineering role is required (Candidates must have both DevOps experience and security background)
3–5+ years’ experience managing CI/CD pipelines within cloud-native environments (Azure DevOps strongly preferred).
Hands-on experience deploying and managing containerized workloads (Docker, Kubernetes) in a secure and scalable way.
Advanced knowledge of Azure DevOps, Azure Kubernetes Service (AKS), Azure Container Registry, and Microsoft Sentinel/KQL.
Demonstrated experience integrating security tooling into DevOps pipelines (SAST/DAST, policy-as-code, IaC validation, etc.).
Strong familiarity with compliance frameworks such as FedRAMP, CMMC, or FISMA, and their technical enforcement in the SDLC.

Nice To Haves

Microsoft Certified: DevOps Engineer Expert (AZ-400)
Microsoft Certified: Azure Security Engineer Associate (AZ-500)
Additional certifications such as SC-200 (Security Operations Analyst) or Kubernetes Security Specialist (CKS) are a plus.

Responsibilities

Manage the Detections as Code (DaC) lifecycle for threat detection logic using KQL or Sigma formats, implementing version control (Git) and automated deployment pipelines.
Harden and maintain Azure DevOps (ADO) pipelines, agents, and related CI/CD workflows for both software and detection releases in high-compliance environments.
Administer and secure the Azure Container Registry (ACR), ensuring containers are scanned, patched, and aligned to STIG compliance prior to production deployment.
Implement Shift Left security techniques by integrating SAST, DAST, and compliance scans directly into build pipelines to identify vulnerabilities early.
Partner with the Threat Intelligence and SOC teams to automate deployment of detection content, hunting queries, and analytics into Microsoft Sentinel and related tools.
Build and maintain secure CI/CD templates, YAML pipelines, and secrets management for infrastructure, detection logic, and application components.
Provide audit evidence and documentation to support FedRAMP, FISMA, and CMMC continuous monitoring efforts.
Stay current with container, cloud, and CI/CD security innovations and implement them in real-time across production systems.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume