DevSecOps Specialist

About The Position

Requirements

• Minimum of five years related work experience.
• Undergraduate degree in a related field or the equivalent combination of training and experience.

Responsibilities

• Secure the software development lifecycle (SDLC) by applying application development, deployment, and security expertise.
• Operate, configure, and continuously improve application security tooling, with a primary focus on SAST and SCA, including policy tuning and integration into CI/CD pipelines.
• Identify, analyze, and triage application security vulnerabilities; apply risk-based prioritization and work with engineering teams to drive timely remediation.
• Collaborate with App Sec engineers and peer security teams to ensure consistent implementation, coverage, and alignment of application security tools, standards, and processes.
• Champion a low-friction developer experience by streamlining scan workflows, reducing false positives, and providing clear, actionable feedback.
• Participate in an on-call rotation to support application security tooling, assist developers, and respond to security threat events when required.
• Identify and implement opportunities to automate application security processes to improve scalability, efficiency, and coverage.
• Gather and report meaningful metrics to measure vulnerability trends, tool effectiveness, and application security program maturity.
• Develop and maintain documentation for application security technologies, processes, and standards.
• Provide guidance and training to development and cloud engineering teams on secure coding, dependency management, and deployment best practices.
• Stay current on application security trends, tools, and standards, and contribute to continuous improvement of the AppSec program.
• Participate in special projects and perform other duties as assigned.