## Role Requirements
3–5+ years in a combined DevOps / Security Engineering / DevSecOps role where you were building and operating, not just recommending.
CI/CD pipeline engineering: Deep, hands-on experience with at least one of Jenkins, GitLab CI, or GitHub Actions — including writing custom plugins, shared libraries, or reusable workflow templates.
Security tooling integration: Production experience implementing and tuning SAST (e.g., SonarQube, Semgrep, CodeQL), DAST (e.g., OWASP ZAP, Burp Suite), and SCA (e.g., Snyk, Dependabot, Grype) tools within automated pipelines.
Cloud security: Proven ability to secure production workloads on at least one major cloud provider (AWS, Azure, or GCP). You understand IAM policies, network segmentation, encryption-at-rest/in-transit, and cloud-native security services at an implementation level — not just a whiteboard level.
Container & orchestration security: Hands-on experience securing Docker and Kubernetes environments — image scanning, runtime security (Falco, Sysdig, or similar), admission controllers, network policies, and supply chain security (signing, SBOMs).
Infrastructure as Code: Proficiency with Terraform, CloudFormation, or Pulumi, combined with experience auditing IaC for security misconfigurations using policy-as-code frameworks (OPA/Rego, Sentinel, Checkov).
Scripting & automation: Strong coding ability in Python, Go, or Bash — sufficient to build custom tooling, write security automation, and contribute patches to application code when needed.
Vulnerability management: Experience running or significantly contributing to a vulnerability management program — triage, SLA enforcement, risk-based prioritization, and metrics reporting.
Solid fundamentals: Strong understanding of OWASP Top 10, CWE/CVE ecosystems, secrets management (Vault, AWS Secrets Manager), TLS/mTLS, and common attack vectors against web applications and APIs.
## Nice-to-Have Skills
Experience with compliance-as-code frameworks and automating evidence collection for SOC 2, ISO 27001, FedRAMP, or PCI-DSS audits.
Familiarity with eBPF-based security observability tools or kernel-level runtime security.
Background in penetration testing or red team exercises, particularly against cloud-native infrastructure.
Experience building or operating a software supply chain security program (SLSA framework, Sigstore/Cosign, in-toto attestations, SBOM generation and consumption).