DevSecOps Engineer

About The Position

Requirements

• Bachelors degree in Cybersecurity, Computer Science, Software Engineering
• 5+ years of experience with cloud platform services and DevSecOps practices.
• Strong organizational skills and attention to detail
• Must be able to communicate effectively with cross-functional teams.
• Ability to manage multiple projects and deadlines.
• Ability to work independently and as part of a team in a fast-paced environment.

Nice To Haves

• Professional Certifications in: EC-Council Certified DevSecOps Engineer (Highly Desired) ISACA Advanced AI Security Management (Highly Desired)

Responsibilities

• SECURE SDLC & CI/CD Review and triage findings from code, dependency, and infrastructure scans; drive remediation with software engineer teams and track to closure. Perform secure code reviews for high risk changes, focusing on authentication, authorization, input validation, crypto, and secrets handling.
• CLOUD & CONTAINER SECURITY Continuously validate cloud posture (Azure/AWS) against guardrails (CSPM/Policy-as-Code); open tickets for misconfigurations and follow through. Harden Containers: enforce admission controls, image provenance, runtime policies, and least-privilege service accounts.
• AI/ML SECURITY Test AI systems for adversarial risks daily (prompt injection, data poisoning indicators, model theft, jailbreaks, indirect prompt attacks). Validate privacy & compliance in AI use cases (PII masking, DLP, consent flags) and enforce policy in pipelines and serving layers.
• IDENTITY, SECRETS & ACCESS Rotate and validate secrets in code, pipelines, and model infra (KMS, vaults); eliminate hardcoded credentials and enforce short lived tokens. Review access patterns (human and service principals) for AI training/inference resources; ensure least privilege and conditional access.
• DETECTION & INCIDENT READINESS Tune detections for DevSecOps and AI signals (SIEM/SOAR rules for code repositories, registries, pipelines, model endpoints). Investigate alerts rapidly, perform root cause analysis, and document playbook steps/improvements.
• Policy, Compliance & Documentation Update runbooks and security guidelines (secure coding, AI model handling, data privacy) as changes land. Log evidence for controls (scan results, approvals, sign-offs) to support audits (SOC 2, ISO 27001, HIPAA, etc.). Maintain a safe working environment

Benefits

• medical
• dental
• vision
• life insurance
• short and long-term disability coverage
• education reimbursement
• 401(k)
• performance bonuses
• employee stock program
• Employee Resource Groups and Programs offered include the Young Professionals Group, Women at Wade Trim, Diversity, Equity and Inclusion, Professional Development, Leadership Development, Rotation Program, Mentor Program, Sustainability Program, and Wellness Program