DevSecOps Security Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent practical experience.
• Minimum five (5) years of experience in DevSecOps, Cloud Security, Security Engineering.
• Hands-on experience with GitHub / GitHub Actions or similar CI/CD tools.
• Strong expertise in AWS cloud services and security controls.
• Experience with Infrastructure-as-Code tools (Terraform preferred).
• Strong understanding of CI/CD pipeline design, automation, and security integration.
• Experience with containers and orchestration (Docker, Kubernetes, ECS).
• Knowledge of IAM, OIDC, secrets management, and key management (KMS).
• Strong understanding of Git workflows, branching strategies, and pull request processes.
• Knowledge of OWASP Top 10 and application security principles.
• Proficiency in scripting languages such as Python, Bash, or Go.
• Experience with security tools such as Mend, SonarQube, Prowler, Trivy, OWASP ZAP, or Burp Suite.
• AWS Certified Developer – Associate is required at time of hire.
• AWS Certified DevOps Engineer – Professional is required and must be obtained within 6 months of hire.

Nice To Haves

• AWS Certified Security – Specialty is highly desired and must be obtained within 6 months of hire.
• AWS Certified SysOps Administrator – Associate, or AWS Certified Solutions Architect – Associate are highly desired.
• Security certifications (CISSP, CCSP, GIAC) are highly desired.
• Experience in financial or regulated environments.
• Exposure to offensive security practices, AI/ML security risks.
• Experience with SIEM/SOAR platforms and security automation is a plus.

Responsibilities

• Design, implement, and maintain security controls within GitHub and Azure DevOps-based CI/CD pipelines.
• Integrate security tools (SAST, SCA, DAST, container and secrets scanning) into pipelines.
• Develop automation scripts for secure deployments, monitoring, and operational efficiency.
• Secure AWS environments including services such as EC2, S3, Lambda, IAM, GuardDuty, Inspector, and CloudWatch.
• Implement IAM, OIDC, secrets management, and KMS-based encryption controls.
• Design and maintain Infrastructure-as-Code solutions using Terraform, CloudFormation, or AWS CDK.
• Secure containerized environments using Docker and Kubernetes, including cluster hardening and policy enforcement.
• Improve container security through image scanning, signing, and registry controls.
• Implement logging, monitoring, alerting, and observability solutions for cloud workloads.
• Monitor systems for threats, indicators of compromise, and compliance gaps.
• Perform vulnerability management, tracking, and remediation.
• Participate in incident response, investigation, and recovery activities.
• Support audit and compliance requirements (PCI-DSS, SOC2, NIST) and coordinate with GRC teams.
• Review code, infrastructure changes, and releases for security risks.
• Collaborate with DevOps and engineering teams to enforce secure SDLC practices.
• Provide technical guidance on security architecture and best practices.
• Mentor team members and promote a culture of security, automation, and continuous improvement.
• Develop and track security metrics, KPIs, and pipeline telemetry.

Benefits

• Competitive overall compensation package
• Work/Life balance
• Employee engagement activities and recognition awards
• Years of Service awards
• Career enhancement and growth opportunities
• Leadership Academy and Mentor Program
• Continuing education and career certifications
• Variety of healthcare coverage options
• Traditional and Roth 401(k) retirement plans
• Lucrative Wellness Program