Compass

Senior DevSecOps Security Engineer

Compass

full-time

Posted on:

Location Type: Remote

Location: Brazil

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

Google Cloud Platform

About the role

  • Monitor and triage vulnerabilities identified in CI/CD pipelines and security tools across GCP environments;
  • Engage with squads from project inception to anticipate risks and advise on secure development best practices;
  • Centralize and translate technical security requests into practical, prioritizable backlog actions;
  • Manage requests for external assessments, official penetration tests, and compliance requirements;
  • Execute continuous offensive testing to validate fixes and new features;
  • Lead the weekly Security agenda, tracking the roadmap and aligning with stakeholders;
  • Support manual and automated security assessments;
  • Maintain up-to-date technical documentation, guides, and remediation instructions.

Requirements

  • Strong experience with DevSecOps practices;
  • Experience with CI/CD pipelines and vulnerability monitoring;
  • Experience securing cloud environments (GCP);
  • Experience with penetration testing, offensive testing, and security assessments;
  • Ability to act consultatively with development squads;
  • Good communication skills to translate technical requirements into actionable tasks;
  • Nice-to-haves: prior experience in critical, high-complexity environments; experience with automated security tooling; experience with Security Governance and Compliance.
Benefits
  • Position also open to candidates with disabilities (PcD)
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
DevSecOpsCI/CD pipelinesvulnerability monitoringGCPpenetration testingoffensive testingsecurity assessmentsautomated security toolingSecurity GovernanceCompliance
Soft Skills
consultative skillscommunication skills