Sr Cybersecurity DevSecOps Engineer

BECU

1d•$110,100 - $204,900•Hybrid

About The Position

Is it surprising to hear that a financial institution of 1.5 million members and over $30 billion in managed assets say that success comes from focusing on people, not profits? Our “people helping people” philosophy has guided us since 1935, driving our deep commitment to serving our members, communities, and each other. When you join our team, you become part of a purpose-driven organization where your work makes a real difference. While we’re proud of our history, we’re even more excited about our future. With business and technology transformation on the horizon, there’s never been a better time to be part of BECU. PAY RANGE The Target Pay Range for this position is $141,800.00-$173,300.00 annually. The full Pay Range is $110,100.00 - $204,900.00 annually. At BECU, compensation decisions are determined using factors such as relevant job-related skills, experience, and education or training. Should an offer for employment be made, we will consider individual qualifications. In addition to your salary, compensation incentives are available for the hired applicant. Incentives are performance based and targets vary by role. BENEFITS – because people helping people starts with supporting you 401(k) Company Match (up to 3%) 4% annual contribution to your 401(k) by BECU Medical, Dental and Vision (family contributions as well) PTO Program + Exchange Program Tuition Reimbursement Program BECU Cares volunteer time off + donation match IMPACT YOU’LL MAKE: The Sr. Cybersecurity DevSecOps Engineer on the CIAM delivery team is responsible for integrating security practices into the software delivery lifecycle, securing CIAM platform configurations and integrations, and ensuring that identity services are delivered in a resilient, compliant, and automated manner. The role supports team leadership by applying secure DevOps processes and collaborating with architecture, development, operations, product, and security teams to operationalize security controls across CI/CD pipelines, infrastructure, and identity flows. This is a hands-on engineering role focused on enablement, automation, and risk reduction rather than policy development. To join our dynamic team, we require candidates to be residents of WA, OR, ID, AZ, TX, GA, SC, NC, CA or VA. If you’re located in Washington state and within a reasonable driving distance from Tukwila, we are requesting that you come into our HQ on Tuesdays & Wednesdays. For those candidates that live outside the commute distance of TFC and in any of our approved remote work locations, this role will be remote. Remote or onsite, we are committed to ensuring you are fully engaged and included in our collaborative environment

Requirements

Bachelor’s degree in computer science or a related field, or equivalent experience.
5+ years of experience in DevSecOps, security engineering, or related discipline, including experience supporting or leading engineering teams.
Proficient in problem solving, leadership, and communication skills.
Knowledge of identity and authentication concepts (OAuth2, OIDC, SAML, token-based authentication, session security, API authorization).
knowledge of security principles such as threat modeling, risk assessment, and vulnerability management.
Ability to stay current with emerging technologies through work experience or continued learning.
Advanced scripting proficiency (Python, Bash).
Experience with CI/CD platforms such as Jenkins or GitLab CI.
Knowledge of cloud platforms (AWS, Azure, GCP) and core network/application security principles.
Familiarity with security frameworks such as NIST or ISO 27001.
Experience securing SaaS or cloud native platforms.
Experience working in Agile environments.

Responsibilities

Guide developers and engineers on secure engineering practices and help support adoption of security best practices.
Contribute to roadmap and strategy development for platform and infrastructure components.
Secure configuration and deployment of SaaS CIAM environments. Validate tenant configurations against enterprise security standards.
Ensure that security practices are embedded into the software development lifecycle (SDLC) from design through deployment.
Ensure that security checks are consistently applied and that vulnerabilities are identified and addressed early in the development process.
Develop clear security architecture documentation, data flow diagrams, and process artifacts.
Lead the design and implementation of secure infrastructure using Infrastructure as Code (IaC) tools such as Terraform, Ansible, or Kubernetes to create and manage infrastructure that is both scalable and secure.
Build tools, scripts, and policy as code solutions to automate security enforcement across CI/CD pipelines.
Define logging, monitoring, and alerting requirements to strengthen detection and operational response.
Support GDPR, HIPAA, and internal compliance requirements across CIAM systems and workflows.
Conduct risk assessments and implement controls that reduce exposure across delivery processes.
Promote shared responsibility for security across development and operations teams.
Identify opportunities to enhance security posture, tooling efficiency, and platform resilience.
Provide on-call support as needed and participate in the Security Incident Response Team to ensure quick resolution of security events.