JOBSEARCHER

Application DevSecOps Engineer

ARCHIVED

We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.

Job DescriptionThe DevSecOps Engineer will be responsible for integrating security practices into the DevOps process, ensuring that security is embedded throughout the software development lifecycle. This role will collaborate with development, operations, and security teams to automate security controls, manage vulnerabilities, and maintain compliance with industry standards.ResponsibilitiesIntegrate security scanning tools (SAST, DAST, container scanning) into CI/CD pipelines to automatically detect vulnerabilities during code builds and deployments.Continuously monitor cloud environments (AWS, Azure, GCP) and applications for security threats, misconfigurations, and compliance violations.Review vulnerability reports, prioritize issues, and coordinate with development and operations teams to apply patches or remediation steps.Ensure secure management of credentials, secrets, and API keys using vaults or cloud-native solutions; regularly review and update access controls.Assist in investigating security alerts, analyzing logs, and responding to incidents affecting applications or cloud infrastructure.Work closely with developers, cloud engineers, and security analysts to embed security into design, development, and deployment processes.Evaluate, deploy, and update security tools and platforms; ensure they are properly configured and integrated with existing workflows.Maintain up-to-date documentation for security controls, processes, and incident response procedures.Provide guidance and training to development and operations teams on secure coding, cloud security, and DevSecOps best practices.Review code for security issues and ensure adherence to secure coding standards.Ensure systems and processes meet regulatory and client requirements (e.g., GDPR, SOC 2, HIPAA).QualificationsHigh School diploma or GED required; Bachelor's degree in Computer Science or Information Systems preferred.3+ years of experience in DevSecOps, Cloud Security, or related roles; understanding of vulnerability management, risk assessment, and remediation processes.Relevant certifications (e.g., AWS Certified Security – Specialty, Azure Security Engineer Associate, GIAC DevSecOps, CISSP) preferred.Familiarity with identity and access management, secrets management (HashiCorp Vault, AWS Secrets Manager) and API security.Experience with CI/CD pipelines and integrating security tools.Hands-on experience with cloud platforms (AWS, Azure, GCP).Familiarity with regulatory frameworks (GDPR, SOC 2, HIPAA) and knowledge of how to implement controls to meet them.Deep understanding of DevOps principles and the secure software development lifecycle (SDLC).Knowledge of security scanning tools (SAST, DAST, container/image scanning) and cloud-native security services (AWS Security Hub, Azure Security Center, GCP Security Command Center).Awareness of incident response processes and log analysis, and knowledge of secure coding standards (OWASP Top 10, CWE/SANS Top 25).National Range: $85,000 - $110,000 (Maryland: same; NYC/Long Island/Westchester: same).All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability or protected veteran status. BDO USA, P.A. is an EO employer M/F/Veteran/Disability.J-18808-Ljbffr