Full Stack + DevSecOps Platform Engineer
Dallas, Georgia, United States of America
Contract
1 week ago
Key skills
PythonJavaGoAIClaudeNode.jsSpring BootSpringAWSJenkinsGitLab CIECSEKSLambdaS3DynamoDBIAMCloudWatchAPI GatewaySplunkKibanaGitLabCI/CDCheckmarx
About this role
Job Title: Senior Full Stack + DevSecOps Platform Engineer
Tax Term: W2/1099 Only
Location: Atlanta- Onsite
Employment Type: Contract
Job Descrpition:
SBOM / CBOM Inventory, Vulnerability Scanning & AI Auto-Remediation Platform
We are looking for a hands-on Senior Full Stack + DevSecOps Platform Engineer to design and build an internal security automation platform focused on SBOM/CBOM inventory, vulnerability scanning, and AI-assisted auto-remediation using Claude.
This is not a traditional full-stack developer role. The ideal candidate should have strong expertise across application development, CI/CD, cloud engineering, security scanning, cryptography inventory, and remediation automation.
Key Responsibilities
-
Design and build a centralized platform for SBOM and CBOM inventory.
-
Scan applications, repositories, containers, dependencies, certificates, keys, crypto algorithms, TLS/HTTPS configurations, secrets, and runtime components.
-
Build and integrate Jenkins/GitLab CI/CD pipelines for:
-
SBOM scanning
-
CBOM scanning
-
Vulnerability scanning
-
Container scanning
-
Code scanning
-
Crypto policy scans
-
-
Identify:
-
Vulnerable dependencies
-
CVEs
-
Weak cryptography
-
Expired certificates
-
Insecure TLS versions
-
Hardcoded secrets
-
Non-compliant libraries
-
-
Build dashboards and reporting for:
-
Application inventory
-
Vulnerability posture
-
Crypto posture
-
Remediation status
-
SLA tracking
-
-
Integrate security tools such as:
-
Syft
-
Grype
-
CycloneDX
-
JFrog Xray
-
Sonatype
-
Checkmarx
-
Fortify
-
Veracode
-
Similar enterprise security tools
-
-
Build AI-assisted remediation workflows using Claude or similar AI coding agents.
-
Automate safe fixes including:
-
Dependency upgrades
-
Base image updates
-
Configuration changes
-
Pull request creation
-
-
Ensure all remediations pass through:
-
Build validation
-
Testing
-
Security scans
-
Approval workflows
-
Audit checks
-
Rollback mechanisms
before merge or deployment.
-
-
Collaborate closely with Application, Security, DevOps, and Platform Engineering teams.
Required Skills
Backend & Platform Engineering
-
Strong hands-on backend development experience with Java/Spring Boot.
-
Experience with at least one additional programming language:
-
Node.js
-
Python
-
Go
-
-
Experience building:
-
REST APIs
-
Microservices
-
Batch jobs
-
Platform integrations
-
CI/CD & DevSecOps
-
Hands-on experience with:
-
Jenkins
-
GitLab CI/CD
-
-
Strong understanding of:
-
SBOM
-
Dependency scanning
-
Transitive dependencies
-
CVEs
-
Container image scanning
-
CBOM & Cryptography Security
Good understanding of CBOM and crypto inventory, including:
-
TLS/HTTPS
-
Certificates
-
Keys
-
Cipher suites
-
Encryption algorithms
-
Hashing algorithms
-
Signing algorithms
-
Keystores / Truststores
-
Secrets management
Ability to identify weak cryptography such as:
-
MD5
-
SHA-1
-
DES / 3DES
-
RC4
-
RSA-1024
-
TLS 1.0 / TLS 1.1
-
Disabled certificate validation
AWS Cloud Experience
Hands-on AWS experience with services such as:
-
Lambda
-
API Gateway
-
S3
-
DynamoDB
-
IAM
-
ECS / EKS
-
CloudWatch
-
X-Ray
-
Secrets Manager
-
KMS
Monitoring & Troubleshooting
-
Experience with monitoring and troubleshooting tools such as:
-
Splunk
-
ELK / Kibana
-
CloudWatch
-
X-Ray
-
-
Strong troubleshooting skills across:
-
Applications
-
Pipelines
-
Cloud infrastructure
-
Security issues
-
Founded in 2014, is a global leader in delivering innovative IT solutions and services. Headquartered in the USA with a presence in the UK, Canada, and India, we specialize in offering industry-leading expertise and cutting-edge products that help our clients maximize their technological investments. Our focus on best-in-class solutions, a highly knowledgeable team, and proactive talent mapping ensure we remain at the forefront of the IT industry.
ConglomerateIT is driven by our Center for Excellence and Innovation, an initiative dedicated to keeping us ahead in a rapidly evolving technology landscape. We understand that building strong relationships is key to our success, and this commitment has enabled us to partner with Fortune 500 companies and leading system integrators worldwide. Our ability to provide local talent on a global scale ensures that we can meet the contingent project requirements of our clients efficiently and effectively.