Senior DevSecOps Engineer

Irving, TX, US • Posted 11 hours ago • Updated 11 hours ago
Contract Independent
Contract W2
12 Months
No Travel Required
On-site
$70 - $75/hr
Fitment

Dice Job Match Score™

⭐ Evaluating experience...

Job Details

Skills

  • DevsecOps
  • SBOM
  • CBOM

Summary

Hi

We have an immediate Openings with Our Direct Client for a Long-term contract position

Senior DevSecOps Engineer
Location: Irving TX

SBOM / CBOM Inventory, Vulnerability Scanning & AI Auto-Remediation

We are looking for a hands-on Senior DevSecOps Platform Engineer to help build an internal security automation platform for SBOM/CBOM inventory, vulnerability scanning, and Claude-based auto-remediation.

This is not a traditional full-stack developer role. The right candidate should be able to build applications, design CI/CD pipelines, integrate security scanning tools, understand cryptography inventory, and automate remediation safely.

Key Responsibilities

Design and build a centralized platform for SBOM and CBOM inventory.
Scan applications, repositories, containers, dependencies, certificates, keys, crypto algorithms, TLS configurations, and runtime components.
Integrate SBOM/CBOM and vulnerability scanning into Jenkins/GitLab CI/CD pipelines.
Identify vulnerable dependencies, CVEs, weak cryptography, expired certificates, insecure TLS versions, hardcoded secrets, and non-compliant libraries.
Build automation workflows to support remediation using Claude or similar AI coding agents.
Automate safe fixes such as dependency upgrades, base image updates, configuration changes, and pull request creation.
Ensure all AI-assisted remediations are validated through build, test, scan, approval, and audit workflows before merge or deployment.
Build dashboards and reports for application inventory, vulnerability posture, crypto posture, remediation status, and SLA tracking.
Work closely with application, security, DevOps, and platform teams.
 
Required Skills

Hands-on experience with Jenkins and/or GitLab CI/CD.
Strong understanding of SBOM, dependency scanning, transitive dependencies, CVEs, and container image scanning.
Experience with tools such as Syft, Grype, CycloneDX, SPDX, JFrog Xray, Sonatype, Checkmarx, Fortify, or Veracode.
Good understanding of CBOM and cryptography inventory, including TLS/HTTPS, certificates, keys, cipher suites, encryption algorithms, hashing algorithms, signing algorithms, keystores, truststores, and secrets.
Ability to identify weak crypto such as MD5, SHA-1, DES/3DES, RC4, RSA-1024, TLS 1.0/TLS 1.1, and disabled certificate validation.
Hands-on AWS experience with services such as Lambda, API Gateway, S3, DynamoDB, IAM, ECS/EKS, CloudWatch, X-Ray, Secrets Manager, and KMS.
Experience with observability tools such as Splunk, ELK/Kibana, CloudWatch, and X-Ray.
Strong hands-on experience with Java/Spring Boot.
Experience with at least one additional language such as Node.js, Python, or Go.
Experience building REST APIs, microservices, batch jobs, and platform integrations.
Strong troubleshooting skills across application, pipeline, cloud, and security issues.
The candidate should understand how to use Claude or similar AI tools in a controlled engineering workflow
Preferred Skills

Experience building internal developer platforms or security automation platforms.
Experience with vulnerability management and remediation workflows.
Experience with policy engines such as OPA or custom rule engines.
Knowledge of post-quantum cryptography readiness and crypto-agility.
Experience with certificate lifecycle management, secrets management, and cloud security controls.
Frontend experience with Angular or React for dashboards and reporting.
Minimum Qualifications

8+ years of software engineering experience.
3+ years of DevOps, DevSecOps, platform engineering, or security automation experience.
Strong Java/Spring Boot background.
Hands-on CI/CD and cloud experience.
Practical experience with security scanning and vulnerability remediation.
Strong communication skills and ability to work across security, platform, DevOps, and application teams.

If interested, Please share below details with update resume:

Full Name:
Phone:
E-mail:  
Rate:
Location:
Visa Status: 
Availability:
SSN (Last 4 digit):
Date of Birth:
LinkedIn Profile:
Availability for the interview:
Availability for the project:

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: infotx
  • Position Id: 9022081
  • Posted 11 hours ago
Contact the job poster
AD

Archan Das

Sr. Consultant @ InfoVision, Inc.
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Hybrid in Irving, Texas

Today

Easy Apply

Contract, Third Party

Depends on Experience

Hybrid in Irving, Texas

Today

Easy Apply

Contract, Third Party

Depends on Experience

Hybrid in Irving, Texas

Today

Easy Apply

Third Party, Contract

Depends on Experience

Hybrid in Dallas, Texas

30+d ago

Easy Apply

Contract, Third Party

Depends on Experience

Search all similar jobs