SDLC Security Operations Engineer; DevSecOps
Job in
Town of Poland, Jamestown, Chautauqua County, New York, 14701, USA
Listed on 2026-03-01
Listing for:
NorthBay Solutions
Full Time, Seasonal/Temporary
position Listed on 2026-03-01
Job specializations:
-
IT/Tech
Cybersecurity, Data Security, Systems Engineer, Security Manager
Job Description & How to Apply Below
Location: Town of Poland
Job Title:
SDLC Security Operations Engineer (Dev Sec Ops )
Experience:
7–9 Years
Location:
India - Remote (UAE Business Hours)
Employment Type:
Full-Time
We are looking for a hands‑on SDLC Security Operations Engineer to embed security controls into CI/CD pipelines and engineering workflows for a larger enterprise customer in the UAE. This role focuses on operationalizing Dev Sec Ops integrating scanning tools, enforcing pipeline guardrails, reducing security debt, and ensuring SDLC controls align with ISO 27001, SOC 2, PIC/DSS etc.
Key Responsibilities- Integrate and operate security controls across CI/CD pipelines using Git Hub, Git Lab, Azure Dev Ops, and Jenkins
- Implement and manage SAST/DAST, dependency scanning, secret scanning, and pipeline security gates (build-time enforcement)
- Establish secure build and release practices: artifact integrity, signing/verification, and controlled promotions across environments
- Implement secure secrets management practices and prevent credential leakage in repos and pipelines
- Drive remediation workflows with developers: triage findings, validate fixes, reduce false positives, and improve rule tuning
- Embed security checks for infrastructure-as-code and configuration where applicable; ensure consistent secure‑by‑default patterns
- Support secure SDLC documentation, control mapping, and audit evidence for ISO 27001, SOC 2, etc. (policies, logs, approvals, attestations)
- Contribute to developer enablement via secure coding guidance, playbooks, and integration patterns that reduce friction
Skills & Qualifications
- 7–9 years of experience in Dev Sec Ops / Application Security Engineering / SDLC Security Operations
- Strong hands‑on experience with CI/CD tools:
Git Hub, Git Lab, Azure Dev Ops, Jenkins - Hands‑on experience operating App Sec tooling: SAST/DAST and software supply chain controls (dependency risk management)
- Strong understanding of secure SDLC concepts (threat modeling basics, security testing, release governance)
- Ability to collaborate deeply with engineering teams and translate findings into actionable fixes
- Familiarity with Linux‑based build environments and common developer workflows
- CSSLP or equivalent application security certifications
- CISSP or CISM
- PCIP (ISA) – PCI Professional (Internal Security Assessor)
- Qualified Security Assessor (QSA) (where applicable/available)
- CISA
- AWS Certified Dev Ops Engineer – Professional
- AWS Certified Security – Specialty
- Microsoft Azure Dev Ops Engineer Expert (AZ‑400)
- Microsoft Azure Security Engineer Associate (AZ‑500)
- Experience in telecom, government or regulated environments with audit‑driven SDLC controls
- Exposure to container security, artifact repositories, and release governance patterns
- Automation skills (Python/Bash) to streamline scanning, reporting, and control enforcement
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×