Senior Security Engineer

Overview

Remote
$60 - $70
Contract - W2
Contract - Independent
Contract - 06 Month(s)

Skills

Security
DevSecOps
Azure Devops
Integration
security controls
SAST
DAST
CI/CD
Security Scanning
Risk Management
Data Security
Governance
OWASP
data protection
encryption
masking
IAM
API security
cloud-native security
CISSP
CSSLP
OSCP
IaC security
Terraform

Job Details

Title: Security Engineer
Location: Remote
Duration: 6+ Months

Position Summary

We are seeking a hands-on Security Engineer to champion security throughout the Software Development Lifecycle (SDLC). This role ensures our applications, data flows, and pipelines meet enterprise security standards while driving proactive threat mitigation. The ideal candidate thrives at the intersection of software engineering, security operations, and data protection embedding secure-by-design principles into everything we build and deploy.

Key Responsibilities

SDLC & DevSecOps Integration

  • Embed security controls and validations across all SDLC phases from design through production.

  • Partner with developers and product teams to define secure architecture and coding standards.

  • Automate security testing (SAST, DAST, open-source vulnerability scans) within CI/CD pipelines.

  • Maintain Azure DevOps or equivalent ALM-based security gates to enforce compliance benchmarks.

Security Scanning & Risk Management

  • Administer static and dynamic scanning tools (e.g., SonarQube, Veracode, Fortify) across projects.

  • Aggregate and analyze scan results, track remediation, and manage a centralized vulnerability dashboard.

  • Deliver actionable security metrics and reports to enhance risk visibility and governance.

Data Security

  • Collaborate with data engineering to enforce data classification, encryption, and access control standards.

  • Assess data models and flows for exposure risks impacting PII, PCI, or other regulated data types.

  • Define secure integration models for APIs, cloud services, and databases.

Governance & Enterprise Security Alignment

  • Ensure alignment with enterprise security policies, audit frameworks, and incident response playbooks.

  • Support audit readiness and collaborate on penetration testing and risk assessments.

  • Identify systemic risks and propose scalable, design-level mitigations.

Documentation & Awareness

  • Maintain detailed documentation of security standards, controls, and design patterns.

  • Deliver training sessions to raise secure coding and threat awareness across engineering teams.

Qualifications

  • 3 5+ years in application, cloud, or DevSecOps security roles.

  • Comprehensive knowledge of secure development frameworks (OWASP Top 10, NIST, etc.).

  • Proficiency with security scanning tools (Fortify, Veracode, Checkmarx, Burp Suite).

  • Hands-on experience in CI/CD environments (Azure DevOps, GitHub Actions).

  • Strong understanding of data protection technologies (encryption, masking, RBAC).

  • Experience with IAM, API security, and cloud-native security (Azure preferred).

  • Excellent communicator with cross-functional team alignment skills.

Nice to Have

  • Certifications such as CISSP, CSSLP, OSCP, or Azure Security Engineer Associate.

  • Exposure to IaC security (Terraform, Bicep, ARM templates).

  • Experience working within regulated/compliance-heavy environments (HIPAA, SOC 2, PCI-DSS).

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.