
Principal Cloud Development Operations Engineer
DeepHealth
full-time
Location Type: Remote
Location: Massachusetts • United States
Salary
💰 $200,000 - $230,000 per year
About the role
- Embed security tooling into CI/CD (SAST, SCA, secrets scanning, IaC scanning, container scanning) using standardized pipeline patterns and reusable templates.
- Define practical release gating rules that prevent high-risk defects from shipping while supporting documented exception workflows when needed.
- Partner with engineering teams to operationalize secure coding practices and reduce recurring findings (OWASP Top 10 classes).
- Build and maintain automation/scripts to support security checks, artifact integrity, pipeline hygiene, and evidence generation.
- Reduce credential and secrets exposure across build and deployment workflows in partnership with platform/DevOps owners.
- Tune security tooling to minimize noise and maintain acceptable pipeline performance (avoid security checks becoming bottlenecks).
- Triage and prioritize application and pipeline findings with product/engineering owners; validate remediation and closure.
- Implement service-level expectations for critical/high findings and track aging, exceptions, and trends for leadership reporting.
- Support lightweight threat modeling for new features and major changes; translate risk into actionable engineering requirements.
- Act as a security champion within engineering teams—coaching, pairing on fixes, and raising baseline maturity without slowing delivery.
Requirements
- 10+ years in DevOps, platform engineering, application security, or software engineering with hands-on CI/CD responsibility.
- Demonstrated experience integrating security tooling into pipelines and tuning for practical developer use.
- Strong written/verbal communication; able to translate security requirements into usable engineering workflows.
- Experience with CI/CD tooling such as GitHub Actions, GitLab CI/CD, Jenkins, or Azure DevOps.
- Proficiency with Python, Bash, PowerShell, or equivalent scripting for automation and reporting.
- Strong understanding of common application security risks and secure coding patterns (e.g., OWASP Top 10).
- Familiarity with Infrastructure-as-Code and container build/deploy security practices (Terraform/CloudFormation/Bicep; Docker/Kubernetes).
Benefits
- Reasonable accommodations may be made to enable people with disabilities to perform the essential functions of the job.
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Professional development opportunities
- Remote work options
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
CI/CD, SAST, SCA, secrets scanning, IaC scanning, container scanning, Python, Bash, PowerShell, Infrastructure-as-Code
Soft Skills
strong written communication, strong verbal communication, coaching, pairing on fixes, translating security requirements, prioritizing findings, supporting workflows, acting as a security champion