
Role: DevSecOps Engineer
Location: Remote in US
JD:
Role summary
Embed security into the engineering lifecycle — securing pipelines, cloud infrastructure and applications — and build the tooling and automation that scale Client''''''''''''''''s security program.
Key responsibilities
• Integrate security into CI/CD: SAST/DAST/SCA, secrets management, IaC scanning and policy-as-code.
• Perform application security reviews, threat modeling and remediation guidance with engineering teams.
• Harden AWS cloud infrastructure and build security automation and internal tooling.
• Triage vulnerabilities and drive remediation across services.
Skills
• AWS • Python
• Cloud security on AWS (IAM, networking, guardrails); Python for security automation and tooling; familiarity with SQL for data/log analysis is expected.
• DevSecOps tooling (Snyk, Checkmarx, Trivy, etc.) and IaC (Terraform).
• Container/Kubernetes security.
• Certifications (e.g., AWS Security, OSCP, CISSP).
• HITRUST / SOC 2 / HIPAA controls experience.