Senior DevSecOps Engineer

Job Purpose

The Senior Dev Sec Ops  Engineer is an individual contributor responsible for designing, implementing, and operating security controls across the software development lifecycle (SDLC). This role partners closely with Engineering teams, IT Operations, and the Manager of Cyber Security to embed security directly into development workflows, CI/CD pipelines, and cloud platforms. The core function of this role is active, hands‑on partnership with Engineering teams to build secure‑by‑default patterns, improve secure design and delivery practices, and implement security controls within existing development and operational workflows.

While the role maintains awareness of governance and compliance requirements, the primary focus is practical engineering execution that results in scalable, auditable, and repeatable security outcomes.

• Design, implement, and maintain security controls across all SDLC phases
• Translate security policy, OWASP guidance, and SOC‑aligned requirements into engineering standards and pipeline controls
• Embed security checks and guardrails into Agile and Dev Ops workflows (Jira Software, Azure Dev Ops)
• Ensure SDLC controls generate reliable, repeatable audit evidence supporting SOX and SOC 1 / SOC 2 assessments
• Perform application risk profiling and threat modeling for new and materially changed systems
• Review application, API, and platform architectures from a security and risk perspective, providing guidance on required security controls and integration patterns
• Design and implement security architecture components, guardrails, and shared controls supporting Azure PaaS resources, identity integrations, web and API services, and data platforms (Microsoft SQL, Oracle SQL, Cosmos
  
  DB, Databricks, Microsoft Fabric)
• Partner with architects and engineers to ensure alignment with approved security patterns and baselines, without owning application code or business logic
• Secure CI/CD pipelines and Git‑based workflows
• Implement application security tooling integrations and tune results for actionable signal (SAST, DAST, SCA, image scanning, secrets detection)
• Implement secure secret management, pipeline access controls, and deployment protections
• Configure and maintain security controls for Web Application Firewalls (WAF), API gateways, and ingress layers
• Define security testing requirements and acceptance criteria aligned to SDLC controls
• Implement and maintain automated security testing workflows
• Validate remediation of application and pipeline security findings
• Maintain traceability between findings, fixes, Jira tickets, and generated audit evidence

• Perform application risk profiling and threat modeling for new and materially changed systems
• Review application, API, and platform architectures from a security and risk perspective, providing guidance on required security controls and integration patterns
• Design and implement security architecture components, guardrails, and shared controls supporting Azure PaaS resources and identity integrations (Entra , Azure B2C/External ), web applications hosted on IIS and Node.js, APIs and externally exposed services, and data platforms including Microsoft SQL, Oracle SQL, Cosmos
  
  DB, Databricks, and Microsoft Fabric
• Partner with architects and engineers to ensure alignment with approved security patterns and baselines, without owning application code or business logic

• Secure CI/CD pipelines and Git‑based workflows
• Implement application security tooling integrations and tune results for actionable signal
• Integrate SAST, DAST, SCA, image scanning, and secrets detection into pipelines
• Implement secure secret management, pipeline access controls, and deployment protections
• Configure and maintain security controls for Web Application Firewalls (WAF), API gateways, and ingress layers

• Define security testing requirements and acceptance criteria aligned to SDLC controls
• Implement and maintain automated security testing workflows
• Validate remediation of application and pipeline…