Senior DevSecOps Engineer

Job Description

Job Description

Job Description

Our client is seeking a skilled Senior DevSecOps Developer to join our technology team, focused on delivering secure, scalable, and resilient infrastructure solutions across the organization. In this role, you will collaborate closely with engineering and security teams to design, implement, and maintain DevSecOps pipelines and cloud-native platforms. You will integrate security best practices throughout the software development lifecycle, automate security controls, and ensure compliance with industry standards, with a strong emphasis on shifting security left. Your expertise will drive continuous improvement across CI/CD processes, policy as code, and application security, while leading the security of their mission-critical systems.

What you'll do

• Grow as the Subject Matter Expert (SME) for security best practices within the DevOps team
• Promote a culture of security, automation, and continuous improvement by mentoring team members
• Integrate and manage security controls and best practices across every stage of the software development lifecycle
• Manage DAST, IAST, and SAST tools to identify and remediate application and code vulnerabilities
• Automate security testing and compliance checks within DevOps workflows, including Docker image security scanning
• Develop and enforce policy as code for Kubernetes environments to ensure consistent security and compliance Implement and manage infrastructure as code (IaC) solutions for cloud and on-premises environments
• Collaborate with development, operations, and security teams to address vulnerabilities and improve overall security posture
• Continuously evaluate and improve DevSecOps tools, processes, and standards

Requirements

• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field
• 5+ years of experience with DevSecOps practices, integrating security into CI/CD pipelines and the software development lifecycle
• 3+ years of hands-on experience deploying, managing, and securing Kubernetes clusters in production environments
• Proven expertise with policy as code frameworks (e.g., OPA/Gatekeeper, Kyverno) for Kubernetes security and compliance
• Demonstrated proficiency implementing and operating DAST, IAST, and SAST tools for application and code security
• 5+ years of experience with Docker image security scanning and container vulnerability management
• Strong background with infrastructure as code (IaC) tools such as Terraform, Helm, or Ansible
• Expert-level experience with Linux Experience with cloud platforms (AWS, GCP, Azure) and their security best practices
• Solid scripting and automation skills (e.g., Python, Bash, Go)
• Experience creating executive-level security reports and KPIs
• Excellent analytical, troubleshooting, and incident response abilities
• Strong communication and collaboration skills, with a passion for mentoring and continuous improvement
• Experience with eBPF and Cilium Tetragon is a plus

Benefits

We believe in providing with company ownership, competitive pay, and a range of meaningful benefits is the start of creating a culture where people want to give the best they’ve got — not because they’re simply making money, but because they’ve fallen in love with our vision, mission, values, and team.

During the interview process, your Recruiter will review our total rewards (base, equity, bonus, perks, benefit, culture) offerings. The final offer is determined by your proficiencies within this level.