×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Systems Engineer

AppSec & DevSecOps Engineer

Job in New York, New York County, New York, 10261, USA
Listing for: Ppl Llc
Full Time position
Listed on 2026-02-23
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer
Salary/Wage Range or Industry Benchmark: 120000 - 135000 USD Yearly USD 120000.00 135000.00 YEAR
Job Description & How to Apply Below
Location: New York

App Sec & Dev Sec Ops  Engineer page is loaded## App Sec & Dev Sec Ops  Engineer locations:
New Yorktime type:
Full time posted on:
Posted 3 Days Agojob requisition :
JR25-000717

It's fun to work in a company where people truly BELIEVE in what they're doing!
* We're committed to bringing passion and customer focus to the business.
* Public Partnerships LLC supports individuals with disabilities or chronic illnesses and aging adults, to remain in their homes and communities and “self” direct their own long-term home care. Our role as the nation’s largest and most experienced Financial Management Service provider is to assist those eligible Medicaid recipients to choose and pay for their own support workers and services within their state-approved personalized budget.  

We are appointed by states and managed healthcare organizations to better serve more of their residents and members requiring long-term care and ensure the efficient use of taxpayer funded services.

Our culture attracts and rewards people who are results-oriented and strive to exceed customer expectations. We desire motivated candidates who are excited to join our fast-paced, entrepreneurial environment, and who want to make a difference in helping transform the lives of the consumers we serve. (learn more at ).
** Job Summary
** We are seeking an experienced and proactive Application Security (App Sec) and Dev Sec Ops  Engineer to embed security throughout the software development lifecycle and CI/CD pipelines. You will collaborate with development, operations, and security teams to design, implement, and maintain security best practices in our applications and infrastructure. This role ensures our systems are secure by design and compliant with industry standards, including HIPAA, SOC2, OWASP, NIST 800-53, and NIST SSDF.
*
* Duties & Responsibilities:

**** Secure SDLC Integration
*** Integrate security at every phase of the software development lifecycle.
* Collaborate with engineering and product teams in Agile/Scrum environments to prioritize, track, and remediate security issues during sprint cycles.
* Develop and maintain threat models and perform design reviews.
* Lead threat modeling sessions and conduct in-depth security architecture reviews.
* Educate development teams on secure coding practices.
* Contribute to secure backlog grooming and definition of security-related user stories and acceptance criteria.
* Actively support the organization’s secure software development lifecycle (SDLC) initiatives by integrating security controls, processes, and testing into development workflows and CI/CD pipelines.
** CI/CD Pipeline Security:
*** Integrate security testing tools (SAST, DAST, SCA, IaC scanning) into CI/CD pipelines.
* Automate security checks to ensure continuous compliance and early detection.
* Ensure integration of security scanning outputs into ticketing systems and development workflows for traceable remediation.
** Infrastructure & Dev Sec Ops
*** Secure containerized environments (Docker, Kubernetes).
* Ensure cloud infrastructure security (AWS/GCP/Azure) using infrastructure-as-code (IaC) tools like Terraform or Cloud Formation.
* Implement secrets management, identity and access control, and other cloud-native security features.
** Application Security:
*** Perform and manage vulnerability assessments, code reviews, and penetration testing.
* Lead application-level penetration testing efforts, both internally and with external vendors.
* Remediate findings by working closely with developers and product teams.
* Facilitate and track remediation activities as part of security sprints.
* Monitor and manage third-party/open-source dependencies for known vulnerabilities.
* Conduct security code reviews using both automated and manual analysis techniques.
*
* Required Skills:

*** Hands-on experience with security tools: SAST (e.g., Checkmarx, Sonar Cloud, Veracode), DAST (e.g., OWASP ZAP, Burp), SCA (e.g., Snyk, White Source), and IaC scanners (e.g., tfsec, Checkov).
* Proficiency in CI/CD tools (Jenkins, Git Lab CI/CD, Git Hub Actions).
* Experience with scripting and automation (Python, Bash, etc.).
* Solid understanding of OWASP Top 10, secure…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search