DevSecOps Engineer

Quzara LLC-posted 10 days ago
Full-time • Mid Level
Remote
11-50 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

The DevSecOps Engineer (Detection & Pipeline Security) plays a pivotal role at the crossroads of DevOps, Security Engineering, and Threat Detection. This position is responsible for managing secure CI/CD pipelines across high-compliance environments and ensuring detection logic is deployed and maintained with the same rigor as application code. This engineer will own the secure release management of Quzara’s Authorized Platforms while operationalizing “Shift Left” principles—integrating security scanning, container validation, and detections into early stages of the development lifecycle. The ideal candidate is deeply technical, thrives in high-security environments, and collaborates closely with both engineering and SOC teams.

  • Manage the Detections as Code (DaC) lifecycle for threat detection logic using KQL or Sigma formats, implementing version control (Git) and automated deployment pipelines.
  • Harden and maintain Azure DevOps (ADO) pipelines, agents, and related CI/CD workflows for both software and detection releases in high-compliance environments.
  • Administer and secure the Azure Container Registry (ACR), ensuring containers are scanned, patched, and aligned to STIG compliance prior to production deployment.
  • Implement Shift Left security techniques by integrating SAST, DAST, and compliance scans directly into build pipelines to identify vulnerabilities early.
  • Partner with the Threat Intelligence and SOC teams to automate deployment of detection content, hunting queries, and analytics into Microsoft Sentinel and related tools.
  • Build and maintain secure CI/CD templates, YAML pipelines, and secrets management for infrastructure, detection logic, and application components.
  • Provide audit evidence and documentation to support FedRAMP, FISMA, and CMMC continuous monitoring efforts.
  • Stay current with container, cloud, and CI/CD security innovations and implement them in real-time across production systems.
  • Prior experience in a DevSecOps or Security Engineering role is required (Candidates must have both DevOps experience and security background)
  • 3–5+ years’ experience managing CI/CD pipelines within cloud-native environments (Azure DevOps strongly preferred).
  • Hands-on experience deploying and managing containerized workloads (Docker, Kubernetes) in a secure and scalable way.
  • Advanced knowledge of Azure DevOps, Azure Kubernetes Service (AKS), Azure Container Registry, and Microsoft Sentinel/KQL.
  • Demonstrated experience integrating security tooling into DevOps pipelines (SAST/DAST, policy-as-code, IaC validation, etc.).
  • Strong familiarity with compliance frameworks such as FedRAMP, CMMC, or FISMA, and their technical enforcement in the SDLC.
  • Microsoft Certified: DevOps Engineer Expert (AZ-400)
  • Microsoft Certified: Azure Security Engineer Associate (AZ-500)
  • Additional certifications such as SC-200 (Security Operations Analyst) or Kubernetes Security Specialist (CKS) are a plus.
Track Jobs with Teal

Job Search Resources

AI Resume Builder
DevSecOps Engineer Resume Examples
DevSecOps Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service