{"schemaVersion":"jobsearcher.job.v1","id":"7d64441df005dfb959cedd05","url":"https://jobsearcher.com/jobs/7d64441df005dfb959cedd05","canonicalUrl":"https://jobsearcher.com/jobs/7d64441df005dfb959cedd05","title":"DevSecOps Engineer","description":"Submit your application and resume through our online form. We'll review your qualifications and get back to you soon.\nSilpa Companies, LLC is a national IT consulting and staffing firm empowering organizations across multiple industries through a blend of AI adoption, Master Data Management, Data and Analytics, Cybersecurity, Cloud Engineering, DevSecOps/GitOps, Fractional C-Suite leadership, Digital Transformation, and M&A advisory for private equity and software ventures.\nRole Description Silpa Companies is seeking a hands-on DevSecOps Engineer for contract, project-based engagements across our cloud engineering, application security, and platform delivery portfolio. You will embed with client engineering teams to build, secure, and automate the pipelines, infrastructure, and delivery workflows that power modern software organizations. This role sits at the intersection of development, operations, and security. You are not a policy writer or an auditor. You are an engineer who builds secure systems, automates security controls into pipelines, and hardens cloud infrastructure across Azure, AWS, and GCP. You are comfortable writing Terraform, tuning a SIEM alert, reviewing a Dockerfile for security misconfigurations, and advising a development team on secrets management in the same week. Versatility and technical depth are what make this role work.\nKey Responsibilities Design, build, and maintain secure CI/CD pipelines using GitHub Actions, Azure DevOps, Jenkins, GitLab CI, or equivalent tooling.\nIntegrate SAST, DAST, SCA, container scanning, and secrets detection tools directly into pipeline workflows.\nEnforce security gates, policy-as-code checks, and compliance controls as automated pipeline steps.\nManage pipeline secrets, service credentials, and environment configurations using vault solutions (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault).\nContinuously improve pipeline performance, reliability, and security posture across client delivery environments.\nDesign and implement secure cloud infrastructure across Azure, AWS, and GCP using infrastructure-as-code (Terraform, Bicep, CloudFormation, Pulumi).\nHarden cloud environments against misconfigurations using tools such as Prisma Cloud, Wiz, Defender for Cloud, or AWS Security Hub.\nImplement and manage identity and access controls including IAM policies, service accounts, RBAC, and least-privilege enforcement.\nConfigure and maintain network security controls including VPCs, security groups, private endpoints, and zero-trust network access patterns.\nMonitor cloud environments for security events, anomalies, and compliance drift using SIEM and cloud-native observability platforms.\nSecure containerized workloads and Kubernetes clusters including pod security policies, network policies, image scanning, and runtime protection.\nManage and harden Kubernetes environments across AKS, EKS, and GKE.\nEnforce image provenance, vulnerability scanning, and supply chain security practices across container registries.\nPartner with development teams to shift security left and build a culture of secure-by-default engineering.\nConduct architecture reviews and threat modeling sessions to identify security risks early in the development lifecycle.\nProduce clear documentation for pipelines, runbooks, security controls, and infrastructure configurations.\nSupport incident response activities including forensic data collection, environment containment, and post-incident hardening.\nAssess and harden AI-powered applications and LLM integrations against threats defined in the OWASP LLM Top 10.\nIntegrate AI-specific security scanning and validation controls into CI/CD pipelines for applications that consume LLM APIs or deploy ML models.\nEvaluate and enforce data privacy and access controls for AI workloads including RAG pipelines, vector databases, fine-tuning datasets, and model endpoints.\nSupport secure deployment of AI services across Azure OpenAI, AWS Bedrock, and Google Vertex AI including network isolation, identity controls, and logging.\nWhat We Are Looking For 3 or more years of hands-on DevSecOps, platform engineering, or cloud security engineering experience.\nProficiency with CI/CD tooling and the ability to build and modify pipelines, not just run them.\nHands-on experience securing infrastructure and workloads across Azure, AWS, and GCP.\nStrong IaC skills with Terraform and at least one cloud-native IaC tool (Bicep, CloudFormation, or Pulumi).\nExperience with container security across Docker and Kubernetes, including cluster hardening and image scanning.\nWorking knowledge of application security tooling including SAST, DAST, SCA, and secrets scanning solutions.\nFamiliarity with AI and LLM security risks including OWASP LLM Top 10, prompt injection, data leakage through model outputs, and supply chain risks in ML pipelines.\nFamiliarity with compliance frameworks (SOC 2, NIST, CIS Benchmarks) as they apply to cloud and pipeline environments.\nStrong scripting skills in Python, Bash, or PowerShell to automate security and operations workflows.\nEligibility Requirements Authorized to work in the U.S.\nCandidates located in the Houston, Texas area will be given preference; however, remote practitioners will also be considered.\nReliable, secure internet connection and ability to travel to client sites as required by engagement scope.\nAvailable to mobilize within a standard engagement window and maintain consistent availability throughout project duration.\nWhy Join Us? Silpa Companies places DevSecOps Engineers on engagements where the work is real, the environments are complex, and your contributions directly improve how clients build and ship software. You will work across cloud platforms, pipeline toolchains, and security stacks that span multiple industries and technology maturity levels. No two engagements are the same. Engineers who bring technical depth and a security-first mindset build strong reputations within the Silpa network and are consistently prioritized for follow-on and expanded scope engagements.\n\n#J-18808-Ljbffr","company":"Silpa Consulting","rawCompany":"silpa consulting","city":"Houston","state":"TX","isRemote":false,"isActive":false,"createdAt":"2026-04-09T08:00:04.486Z","occupations":[{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"},{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"},{"code":"15-1252.00","title":"Software Developers","slug":"software-developers"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"DevSecOps Engineer","description":"Submit your application and resume through our online form. We'll review your qualifications and get back to you soon.\nSilpa Companies, LLC is a national IT consulting and staffing firm empowering organizations across multiple industries through a blend of AI adoption, Master Data Management, Data and Analytics, Cybersecurity, Cloud Engineering, DevSecOps/GitOps, Fractional C-Suite leadership, Digital Transformation, and M&A advisory for private equity and software ventures.\nRole Description Silpa Companies is seeking a hands-on DevSecOps Engineer for contract, project-based engagements across our cloud engineering, application security, and platform delivery portfolio. You will embed with client engineering teams to build, secure, and automate the pipelines, infrastructure, and delivery workflows that power modern software organizations. This role sits at the intersection of development, operations, and security. You are not a policy writer or an auditor. You are an engineer who builds secure systems, automates security controls into pipelines, and hardens cloud infrastructure across Azure, AWS, and GCP. You are comfortable writing Terraform, tuning a SIEM alert, reviewing a Dockerfile for security misconfigurations, and advising a development team on secrets management in the same week. Versatility and technical depth are what make this role work.\nKey Responsibilities Design, build, and maintain secure CI/CD pipelines using GitHub Actions, Azure DevOps, Jenkins, GitLab CI, or equivalent tooling.\nIntegrate SAST, DAST, SCA, container scanning, and secrets detection tools directly into pipeline workflows.\nEnforce security gates, policy-as-code checks, and compliance controls as automated pipeline steps.\nManage pipeline secrets, service credentials, and environment configurations using vault solutions (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault).\nContinuously improve pipeline performance, reliability, and security posture across client delivery environments.\nDesign and implement secure cloud infrastructure across Azure, AWS, and GCP using infrastructure-as-code (Terraform, Bicep, CloudFormation, Pulumi).\nHarden cloud environments against misconfigurations using tools such as Prisma Cloud, Wiz, Defender for Cloud, or AWS Security Hub.\nImplement and manage identity and access controls including IAM policies, service accounts, RBAC, and least-privilege enforcement.\nConfigure and maintain network security controls including VPCs, security groups, private endpoints, and zero-trust network access patterns.\nMonitor cloud environments for security events, anomalies, and compliance drift using SIEM and cloud-native observability platforms.\nSecure containerized workloads and Kubernetes clusters including pod security policies, network policies, image scanning, and runtime protection.\nManage and harden Kubernetes environments across AKS, EKS, and GKE.\nEnforce image provenance, vulnerability scanning, and supply chain security practices across container registries.\nPartner with development teams to shift security left and build a culture of secure-by-default engineering.\nConduct architecture reviews and threat modeling sessions to identify security risks early in the development lifecycle.\nProduce clear documentation for pipelines, runbooks, security controls, and infrastructure configurations.\nSupport incident response activities including forensic data collection, environment containment, and post-incident hardening.\nAssess and harden AI-powered applications and LLM integrations against threats defined in the OWASP LLM Top 10.\nIntegrate AI-specific security scanning and validation controls into CI/CD pipelines for applications that consume LLM APIs or deploy ML models.\nEvaluate and enforce data privacy and access controls for AI workloads including RAG pipelines, vector databases, fine-tuning datasets, and model endpoints.\nSupport secure deployment of AI services across Azure OpenAI, AWS Bedrock, and Google Vertex AI including network isolation, identity controls, and logging.\nWhat We Are Looking For 3 or more years of hands-on DevSecOps, platform engineering, or cloud security engineering experience.\nProficiency with CI/CD tooling and the ability to build and modify pipelines, not just run them.\nHands-on experience securing infrastructure and workloads across Azure, AWS, and GCP.\nStrong IaC skills with Terraform and at least one cloud-native IaC tool (Bicep, CloudFormation, or Pulumi).\nExperience with container security across Docker and Kubernetes, including cluster hardening and image scanning.\nWorking knowledge of application security tooling including SAST, DAST, SCA, and secrets scanning solutions.\nFamiliarity with AI and LLM security risks including OWASP LLM Top 10, prompt injection, data leakage through model outputs, and supply chain risks in ML pipelines.\nFamiliarity with compliance frameworks (SOC 2, NIST, CIS Benchmarks) as they apply to cloud and pipeline environments.\nStrong scripting skills in Python, Bash, or PowerShell to automate security and operations workflows.\nEligibility Requirements Authorized to work in the U.S.\nCandidates located in the Houston, Texas area will be given preference; however, remote practitioners will also be considered.\nReliable, secure internet connection and ability to travel to client sites as required by engagement scope.\nAvailable to mobilize within a standard engagement window and maintain consistent availability throughout project duration.\nWhy Join Us? Silpa Companies places DevSecOps Engineers on engagements where the work is real, the environments are complex, and your contributions directly improve how clients build and ship software. You will work across cloud platforms, pipeline toolchains, and security stacks that span multiple industries and technology maturity levels. No two engagements are the same. Engineers who bring technical depth and a security-first mindset build strong reputations within the Silpa network and are consistently prioritized for follow-on and expanded scope engagements.\n\n#J-18808-Ljbffr","datePosted":"2026-04-09T08:00:04.486Z","dateModified":"2026-04-09T08:00:04.486Z","hiringOrganization":{"@type":"Organization","name":"Silpa Consulting","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Houston","addressRegion":"TX","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"7d64441df005dfb959cedd05"},"url":"https://jobsearcher.com/jobs/7d64441df005dfb959cedd05"}}