Cyber Security Engineer - DevSecOps

Job Description:

• The Staff Cyber Security Engineer – Dev Sec Ops  will be responsible for designing, implementing, and maintaining security across embedded platforms, cloud-hosted applications, and software services.
• This role focuses on threat modeling, penetration testing, red-teaming, threat detection, incident response, and automation of security testing within CI/CD pipelines to ensure a strong and resilient security posture.

• Develop and maintain comprehensive threat models across embedded platforms, cloud services, and software applications.
• Conduct penetration testing and security assessments on embedded platforms and cloud-hosted applications.
• Perform red-teaming and adversarial testing for AI-powered and machine-learning-based services.
• Utilize security tools to identify, analyze, validate, and prevent vulnerabilities.
• Analyze security data across microservices, content delivery networks, data lakes, serverless functions, and databases.
• Use SIEM tools to correlate security events and detect anomalies.
• Participate in incident response, root cause analysis, and remediation activities.
• Develop and maintain incident response playbooks.
• Assess and mitigate supply chain security risks including open-source libraries.
• Identify and remediate software security flaws through code reviews and static and dynamic analysis.
• Develop and implement custom security solutions and automation scripts.
• Integrate security tools into CI/CD pipelines.
• Develop and maintain automated dynamic security testing functions.

• Bachelor’s degree in Computer Science, Information Technology, or a related field.
• Extensive experience in cybersecurity within software engineering environments.
• Expertise in secure API integration design and implementation.
• Strong knowledge of OWASP Top 10 for web applications and large language models including mitigation techniques.
• Experience with at least one programming language such as C, C++, Python, Go, JavaScript, Type Script, or Rust.
• Proficiency in cloud security, threat detection, data analysis, and incident response.
• Experience using security tools such as Burp Suite, PyRIT, Garak, MitM, Metasploit, Wireshark, Wiz, and Sonar Qube.
• Experience building and automating security tooling for hygiene, analysis, reporting, and intelligence.
• Strong understanding of microservices, content delivery networks, data lakes, serverless functions, and databases.
• Familiarity with cloud platforms and Dev Ops tools.
• Strong analytical, problem-solving, and communication skills.
• Ability to independently develop and implement security solutions.
• Experience developing and implementing automated security testing functions.

• Master’s degree in Computer Science or a related field.
• Cybersecurity certifications such as CompTIA CySA+, CISSP, CHFI, or OSCP.
• Experience in digital forensics.
• Experience working in a Dev Sec Ops  environment.

• Bachelor’s or Master’s degree in Computer Science, Computer Engineering, Electrical Engineering, Mathematics, or a related field.