DevSecOps Engineer (Santa Rosa)

This is a contract and onsite role through Magnit Global with one of the world's leading Test Equipment Manyfacture companies. This is NOT a C2C opportunity and is on W-2.ResponsibilitiesJob description:We are seeking a Technical Business Process Analyst with experience in software engineering and security-focused processes. This role partners closely with software engineering, product management, security, compliance, and IT teams to analyze, design, and optimize business and delivery processes that support secure-by-design software development. The ideal candidate understands how business workflows, engineering practices, and security controls intersect across the software lifecycle.This is a hands-on, execution-focused role designed to define software engineering procedures and augment internal teams by turning draft content and evolving practices into clear, consistent, and publish-ready documentation and processes. The ideal candidate is highly detail-oriented, comfortable working from partially formed inputs, and skilled at translating complex technical and security concepts into usable, developer-friendly artifacts.Job Requirements:Translate security requirements and standards into actionable engineering proceduresIdentify gaps, inefficiencies, and security risks in existing processesGather inputs and feedback from subject matter experts and incorporate changes efficientlyDocument "to-be" processes that embed security requirements into engineering workflows with clear handoffs and responsibilities such asProcess flowsSwimlane diagramsStep-by-step proceduresAssist with editing, finalizing, and publishing draft:Technical security standardsTechnical security proceduresReusable technical artifact templatesEnsure documentation is aligned with approved policies, standards, and engineering practicesEnsure requirements remain aligned with evolving engineering practices and platformsMaintain version control, formatting standards, and publishing readiness for technical contentFacilitate process mapping and improvement workshops for engineering and security teamsSupport vulnerability triage workflows, risk acceptance, and remediation trackingServe as a key liaison between software engineering, architecture, product, security, IT, and compliance teamsExcellent documentation, facilitation, analytical, and technical and stakeholder communication skillsDrive continuous improvement using data and engineering feedbackPreferred Qualifications:Hands-on experience documenting and improving security-related processesFamiliarity with application security concepts such as:Secure SDLC / DevSecOpsVulnerability managementThreat modeling basicsFamiliarity with security frameworks and standards (e.g., NIST)Experience supporting audits, risk assessments, or security reviewsExposure to engineering tools such as GitHub/GitLab, Jira, Confluence, CI/CD pipelinesExperience leveraging AI tools to design and automate processes