DevOps Security Engineer

Title: DevOps Security Engineer

Location: Remote

Duration: 12 months

Job Description:

• DevOps / Platform / Security Engineer with strong automation and scripting skills
• Backend developers with deep PHP, JavaScript, and C# experience focused on secure legacy code remediation
• Proven track record in securing and modernizing CI/CD pipelines
• Skilled in cloud-native security and identity management, especially within Azure

Primary Skills

GitHub Enterprise Cloud
Deep experience managing repos, migrations, permissions, branch protection, CODEOWNERS, CI/CD integration.

CI/CD Pipelines
Strong with GitHub Actions, and possibly Azure DevOps or other pipeline tools depending on what you currently use.

Python
Ability to build tooling/scripts for automation, integration with APIs (Akeyless, Azure Key Vault, GitHub, etc.).

Azure

• Azure Key Vault (integration, secret rotation, access policies)
• Managed Identities (design and migration)
• General Azure platform understanding (RBAC, networking for MI, etc.)

Security Tooling
Familiarity with:

• TruffleHog
• Dependabot
• Wiz
• Qualys
• Akeyless.io
  Ability to triage, automate, and remediate findings from these tools.

Infrastructure as Code (IaC)
Terraform or ARM templates for automating MI, Key Vault, etc.

PHP & JavaScript (Legacy Code Security)

• Strong PHP and JavaScript skills, particularly in debugging and refactoring legacy code
• Experience identifying and resolving security CVEs
• Ability to work with static code analysis tools and implement secure coding practices
• Familiarity with PHP upgrade paths (e.g., PHP 7.x to 8.x), legacy frameworks, and browser compatibility issues

C# / .NET (Legacy Code Security & Modernization)

• Strong C# skills for maintaining and refactoring legacy .NET components
• Experience remediating security vulnerabilities (e.g., outdated libraries, CVEs)
• Familiarity with .NET Framework to .NET Core/.NET 6+ migrations
• Understanding of secure coding practices in enterprise C# environments
• Ability to contribute to modernization efforts and integrate with CI/CD workflows

MySQL

• Proficiency in designing, querying, and optimizing MySQL databases.
• Knowledge of MySQL security best practices (e.g., privilege management, connection encryption).
• Experience with migrations and upgrades of MySQL databases.

Nice-to-Have Skills

• PowerShell / Bash scripting
• Node.js or TypeScript (if used in any tooling or pipelines)
• Experience archiving / decommissioning GitHub repositories properly
• Experience managing secrets migration and rotation
• Azure AD / Identity and Access Management (IAM) for service accounts