DevSecOps Engineer

CSI

full-time

Posted on: 9/6/2025

Location: 🇺🇸 United States

✨ AI Apply

Mid-LevelSenior

AnsibleAWSAzureCloudCyber SecurityDNSFirewallsGoogle Cloud PlatformJenkinsPythonSDLCSplunkTerraform

About the role

Leading the integration of security practices into development and infrastructure workflows, with a strong focus on automation, compliance, and secure operations.
Work cross-functionally with infrastructure, cloud, and development teams to secure mission-critical systems and applications.
Manage security tools, drive CI/CD and IaC security automation, support audit and compliance efforts, and lead infrastructure security projects.
Develop and maintain CI/CD pipelines and automation scripts, implement security testing, and configuration management using tools like Ansible, SOAR, and Terraform.
Ensure compliance with security frameworks and regulations, including PCI DSS, HIPAA, and GLBA by participating in security audits, risk assessments, and implementing necessary controls.
Develop and review technical specifications for IT system procurement, including evaluating vendor submissions from bids, requests for information, and proposals.
Establish and maintain real-time security monitoring, alerting, and reporting mechanisms using tools such as Splunk and SIEM solutions to enhance visibility and compliance.
Lead security training initiatives, educating teams on secure coding practices, threat prevention, and compliance mandates while staying updated on evolving cybersecurity trends and emerging technologies.

3+ years of hands-on experience in cybersecurity, DevSecOps, or infrastructure security roles, preferably within the financial services or technology sector.
Education or formal training in information security or related technology from an accredited university, college, or trade school.
Advanced certifications are highly recommended (e.g., CISSP, CEH, or equivalent).
Experience with CI/CD pipelines and automation tools (e.g., Jenkins, GitLab CI, GitHub Actions).
Familiarity with Infrastructure as Code (IaC) and configuration management tools such as Terraform and Ansible.
Working knowledge of network security concepts and technologies, including firewalls, DNS, WAFs, email security, and endpoint detection and response (EDR).
Exposure to SIEM and SOAR platforms (e.g., Splunk, Microsoft Sentinel, Cortex XSOAR) for threat detection and response.
Experience supporting compliance initiatives (e.g., PCI DSS, HIPAA, GLBA) or working in a regulated industry.
Proficiency in scripting or automation languages (e.g., Python, Bash, PowerShell).
Understanding of cloud platforms such as AWS, Azure, or GCP, including basic security best practices.
Strong problem-solving skills, attention to detail, and the ability to work independently and manage project timelines.
Effective communication skills for cross-functional collaboration and documentation.
Applicants must be authorized to work in the United States without the need for sponsorship now or in the future.