Description
Key Responsibilities
- Implement secure CI/CD pipelines with automated scanning, secret management, and policy enforcement.
- Collaborate with development and infrastructure teams to enforce secure coding and deployment practices.
- Integrate tools for Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Bill of Materials (SBOM) generation, and compliance tracking.
- Maintain least-privilege access, code signing, and artifact integrity.
- Support security audits, vulnerability remediation, and logging/alerting frameworks.
Required Qualifications
- Minimum 5 years of experience in DevSecOps, infrastructure security, or secure development roles.
- Experience with CI/CD tools such as GitHub Actions, Jenkins, or Bamboo in regulated environments.
- Familiarity with security frameworks and standards such as OWASP, NIST 800-53, or CJIS.
- Strong scripting and automation skills (e.g., Python, Bash).
- Knowledge of container security, SBOM, and dependency scanning tools.
Preferred Qualifications
- Experience working in environments with strict compliance and audit requirements
Education
Any Gradute
- Posted On: Today
- Experience: 5+ years of experience
- Openings: 1
- Category: DevsecOps Engineer
- Tenure: Contract - Corp-to-Corp Position