Quzara LLC is seeking a DevSecOps Engineer (Detection & Pipeline Security) who will manage secure CI/CD pipelines and ensure detection logic is deployed and maintained. The role involves operationalizing security practices within the development lifecycle and collaborating with engineering and SOC teams.
Responsibilities:
- Manage the Detections as Code (DaC) lifecycle for threat detection logic using KQL or Sigma formats, implementing version control (Git) and automated deployment pipelines
- Harden and maintain Azure DevOps (ADO) pipelines, agents, and related CI/CD workflows for both software and detection releases in high-compliance environments
- Administer and secure the Azure Container Registry (ACR), ensuring containers are scanned, patched, and aligned to STIG compliance prior to production deployment
- Implement Shift Left security techniques by integrating SAST, DAST, and compliance scans directly into build pipelines to identify vulnerabilities early
- Partner with the Threat Intelligence and SOC teams to automate deployment of detection content, hunting queries, and analytics into Microsoft Sentinel and related tools
- Build and maintain secure CI/CD templates, YAML pipelines, and secrets management for infrastructure, detection logic, and application components
- Provide audit evidence and documentation to support FedRAMP, FISMA, and CMMC continuous monitoring efforts
- Stay current with container, cloud, and CI/CD security innovations and implement them in real time across production systems
- Other duties as assigned
Requirements:
- U.S. Citizen (Required)
- Prior experience in a DevSecOps or Security Engineering role is required (candidates must have both DevOps experience and a security background)
- 3–5+ years' experience managing CI/CD pipelines within cloud-native environments (Azure DevOps strongly preferred)
- Hands-on experience deploying and managing containerized workloads (Docker, Kubernetes) in a secure and scalable way
- Advanced knowledge of Azure DevOps, Azure Kubernetes Service (AKS), Azure Container Registry, and Microsoft Sentinel/KQL
- Demonstrated experience integrating security tooling into DevOps pipelines (SAST/DAST, policy-as-code, IaC validation, etc.)
- Strong familiarity with compliance frameworks such as FedRAMP, CMMC, or FISMA, and their technical enforcement in the SDLC
- Microsoft Certified: DevOps Engineer Expert (AZ-400)
- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Additional certifications such as SC-200 (Security Operations Analyst) or Kubernetes Security Specialist (CKS) are a plus