More jobs:
Job Description & How to Apply Below
Job Description – Security Engineer / Dev Sec Ops Engineer
Core Security Expertise
Secure SDLC: Implement and embed security practices across all phases of the software development lifecycle—from design through deployment.
Threat Modeling: Use frameworks such as STRIDE, DREAD, or PASTA to proactively identify and mitigate architectural and implementation risks.
Vulnerability Management: Conduct vulnerability assessments using tools like Nessus, Qualys, or OpenVAS and deliver actionable remediation plans.
Application Security: Strong understanding of OWASP Top 10 risks and hands‑on experience with SAST, DAST, IAST, and RASP tools.
Identity & Access Management: Implement IAM principles such as least privilege, RBAC/ABAC, SSO, and MFA.
Development & Automation
Programming/Scripting: Proficiency in Python, Bash, Go, or JavaScript.
CI/CD Security: Secure and harden pipeline tools including Jenkins, Git Hub Actions, Git Lab CI, and Azure Dev Ops. Integrate automated security testing into CI/CD workflows.
Infrastructure‑as‑Code Security:
Experience with Terraform, Cloud Formation, and Ansible. Familiarity with security scanners such as Checkov, tfsec, Terrascan, and Policy‑as‑Code (OPA/Conftest).
Container & Orchestration Security: Practical experience securing Docker, Kubernetes, and Helm ecosystems. Exposure to Trivy, Anchore, Falco, and Kyverno.
Cloud & Platform Security
Cloud Security: Strong understanding of AWS, Azure, or GCP security components (IAM, VPC, KMS, WAF, Secrets Manager).
Experience with CSPM or CWPP tools.
Secrets Management: Hands‑on experience with Vault, AWS Secrets Manager, SOPS, or equivalent secret‑management solutions.
Monitoring, Detection & Incident Response
Security Monitoring & SIEM: Experience using Splunk, ELK, Sentinel, Panther, or Datadog for anomaly detection and alert triage.
Incident Response & Forensics: Ability to analyze logs, investigate breaches, respond to incidents, and implement long‑term mitigation.
Governance, Risk & Compliance
Knowledge of frameworks like NIST, ISO 27001, CIS Benchmarks, SOC 2, and PCI‑DSS.
Collaboration & Communication
Ability to work cross‑functionally with developers, operations teams, and business stakeholders to drive a security‑first culture.
Strong documentation and communication skills.
Nice to Have
Experience with Semarchy xDM or Semarchy deployment workflows—beneficial for teams leveraging Semarchy as part of their application deployment lifecycle. (The platform is used in deployment processes across certain projects, making familiarity a plus.)
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×