Software Guidance & Assistance, Inc. (SGA) is searching for a Sr. Security Engineer (DevSecOps) for a contract assignment with one of their premier Financial Services clients. The role involves driving the integration of security capabilities into CI/CD pipelines and development workflows, ensuring security is embedded early in the development lifecycle while supporting cloud migration and platform modernization goals.
Responsibilities:
- Build automated security controls directly into our software delivery pipelines
- Partner closely with Application Security, Security Champions, and development teams to ensure security is embedded early in the development lifecycle without compromising delivery velocity
- Implement build gates, automate security scans, develop custom integrations, and ensure our GitLab-based pipelines provide consistent, measurable security controls across the entire CDP portfolio
- Design, implement, and maintain security controls within GitLab CI/CD pipelines
- Develop pipeline automation scripts
- Develop and enforce container security policies aligned with firm standards
- Work with Security Champions to provide technical support and training on pipeline security features
- Develop reference architectures and example implementations for secure pipelines
- Support developers in understanding and resolving security findings
- Support pipeline assessment data collection through pipeline telemetry
- Coordinate with GRC teams on security control validation and evidence collection
- Mentor and guide team members in secure development practices
- Advocate for security throughout the SDLC
Requirements:
- Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent experience)
- 5+ years of experience in DevOps, SRE, or Platform Engineering roles
- 3+ years of hands-on experience with GitLab CI/CD (or similar platforms like Jenkins, GitHub Actions, Azure DevOps)
- Strong expertise in CI/CD pipeline design, implementation, and optimization
- Proficiency in scripting and automation using Python, Bash, or similar languages
- Deep understanding of containerization technologies (Docker, Kubernetes, ECS)
- Experience with Infrastructure-as-Code tools (Terraform preferred)
- Practical knowledge of AWS cloud services
- Experience integrating security scanning tools into CI/CD pipelines
- Strong understanding of Git workflows, branching strategies, and merge request processes
- Experience with configuration management and pipeline-as-code practices
- Experience working in Agile/Scrum environments with 2-week sprint cycles
- Strong collaboration skills with ability to work across security, development, and operations teams
- Experience supporting multiple development teams simultaneously
- Track record of driving adoption of new tools and processes
- Ability to work on a geographically distributed team across multiple time zones
- Clear and accurate communication and excellent soft skills are a must
- Experience mentoring and/or coaching others
- Ability to document technical processes, create runbooks, and develop training materials
- Self-starter with ability to work independently and manage multiple priorities
- Team focus, flexible thinking, willingness to learn, desire to enable security to support the business
- AWS Certified DevOps Engineer or Solutions Architect
- Security certifications from GIAC or another certifying body