Security Engineer / DevSecOps Specialist

Position: Security Engineer / DevSecOps Specialist

Location: Hybrid in Charlotte, Minneapolis, Dallas or Atlanta

Duration:- 6+ Months contract

If this opportunity interests you, please reply to this email with your updated resume and availability for a quick conversation.

Looking forward to hearing from you.

Position Overview

• We are seeking a highly skilled Security Engineer / DevSecOps Specialist to join our engineering team. The ideal candidate will have a strong background in Application Security, Cloud Platforms (AWS/Azure), and DevOps practices, with hands-on experience in automation, container security, and CI/CD pipeline integration. You will work closely with developers, DevOps, and IT security teams to ensure security is embedded throughout the software development lifecycle.

Key Responsibilities

• Design, implement, and manage application security controls across the SDLC.
• Integrate and maintain SAST (Static Application Security Testing) and SCA (Software Composition Analysis) tools within CI/CD pipelines.
• Secure containerized applications by applying best practices in Docker and Helm Charts.
• Collaborate with DevOps teams to secure Jenkins pipelines and optimize CI/CD workflows.
• Implement security practices for build tools (Gradle) and ensure secure dependency management.
• Perform threat modeling, code reviews, and security assessments for applications developed in Java and Python.
• Monitor and enhance cloud security posture across AWS and Azure environments.
• Establish automation for security testing and compliance reporting.
• Respond to and remediate security vulnerabilities in collaboration with development teams.
• Contribute to DevSecOps strategy and roadmap, ensuring alignment with organizational security goals.

Required Skills & Qualifications

• Strong experience in Application Security and DevSecOps practices.
• Hands-on expertise in SAST/SCA tools (e.g., SonarQube, Checkmarx, Snyk, Veracode, or similar).
• Proficiency with Docker and Helm Charts for container orchestration security.
• Solid knowledge of DevOps tools and CI/CD pipelines (Jenkins, GitHub Actions, or similar).
• Familiarity with Gradle build automation and dependency security.
• Programming experience in Java and Python with the ability to perform secure coding practices.
• Strong understanding of Cloud security concepts in AWS and/or Azure.
• Excellent problem-solving, communication, and collaboration skills.

Preferred Qualifications

• Certifications such as AWS Security Specialty, Azure Security Engineer, CEH, CISSP, or GIAC.
• Knowledge of IaC security (Terraform, Ansible, etc.).
• Familiarity with Kubernetes security and container runtime protection tools.
• Experience implementing shift-left security practices.

3-5 Must Haves (need to be highlighted in sizzle & present on resume)

Application Security
SAST/ SCA
Docker
HELM Charts
DevOps / Jenkins
Gradle
Programming: Java, Python
Cloud - AWS/Azure