FREE ACCESS
5,000–10,000 jobs/day

See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Gen AI Security, DevSecOps Engineer
NBAGen AI Security & DevSecOps Engineer ensuring NBA's security infrastructure and AI adoption. Responsible for security across CI/CD pipelines, generative AI, and cloud.
Posted 7/11/2026full-timeRemote • New Jersey • 🇺🇸 United StatesSeniorLead💰 $145,000 - $165,000 per yearWebsite
Tech Stack
Tools & technologiesCloudKubernetesSDLC
About the role
Key responsibilities & impact- Secure CI/CD pipelines at scale across the organization's CI/CD platforms with standardized security templates and automated policy enforcement, embedding static analysis (SAST), software composition analysis (SCA), container, infrastructure as code (IaC), and secrets scanning, with break build enforcement on critical and high severity findings
- Administer the enterprise SAST and SCA platform (scan engine infrastructure, query tuning, severity calibration, finding triage) and maintain the exploitability knowledge base that distinguishes true positives from false positives to keep security fast and low friction
- Build automated compliance tooling that detects required scans, validates pipeline configuration, and flags coverage gaps; audit pipeline posture across platforms and drive remediation directly with engineering teams
- Support secure SDLC practices and security gates (SAST, SCA, container, IaC, DAST), threat modeling, SBOM generation, and dependency verification; coordinate with the DAST and penetration testing functions and act on bug bounty findings
- Design and build the enterprise security operations platform and the automation that orchestrates DevSecOps workflows (scan state changes, triage, exemptions, intake, notifications), including AI-assisted vulnerability triage with appropriate guardrails, audit trails, and human oversight
- Define and report security risk metrics, lead security audits and assessments, conduct supply chain and CVE incident response across the estate, and mentor junior team members
- Lead security reviews of Generative AI applications, agentic workflows, and AI developer tools submitted through the enterprise AI intake process, assessing against OWASP Top 10 for LLM Applications, OWASP Top 10 for Agentic Applications, NIST AI RMF, MITRE ATLAS, and NBA Gen AI security policy and standards
- Author and maintain NBA Generative AI security policy and standards, including controls for AI data protection, model and prompt security, agentic AI, MCP (Model Context Protocol) integration, and AI developer tooling
- Evaluate and onboard Gen AI security tooling such as runtime guardrails, AI red teaming, browser and DLP controls, and MCP governance, and design and operate runtime AI security controls integrated into application pipelines and runtime
- Govern enterprise security over AI developer tooling and the MCP server approval workflow, and partner with the Enterprise Gen AI, Cloud Infrastructure, GRC, Legal, and Privacy functions to align AI security controls with broader AI governance
- Administer and operate the enterprise cloud security platform across a large multi-cloud estate (cloud posture, container, and IaC scanning); detect, prioritize, and drive remediation of misconfigurations and vulnerabilities against defined SLAs with infrastructure and application teams
- Own cloud security scanning policy configuration and service account governance (scope, least privilege, credential rotation), lead platform lifecycle work, and perform technical security configuration assessments of cloud platforms
- Own the Kubernetes security posture across a large cluster footprint, including admission control, RBAC, namespace isolation, network policies, and Pod Security Standards, and execute admission controller enforcement programs that move policies from audit to block in staged, owner-communicated rollouts with exception and rollback processes
- Design and operate automated credential rotation across cloud identity and key management services (cross-account role assumption, grace periods, owner notifications) and lead the initiative to eliminate static access keys in favor of OAuth 2.0, OIDC, and role-based authentication
- Manage the secrets lifecycle across cloud and pipeline secret stores with detection, alerting, and automated rotation, and build reporting that surfaces aging and non-compliant secrets
Requirements
What you’ll need- Bachelor's degree in a technical discipline (or equivalent work experience)
- Minimum of seven years in IT (a minimum of five years in information security)
- Hands-on experience administering and integrating modern security tooling across the DevSecOps toolset, including SAST, SCA, DAST, container, IaC, and secrets scanning
- Hands-on experience designing and securing CI/CD pipelines on modern CI/CD platforms
- Strong programming and scripting ability, with the ability to build integrations, automation, and tooling against platform APIs
- Solid hands-on implementation of cloud security across at least one major cloud provider, including identity and access management, secrets management, network security, and posture management, guided by frameworks such as CIS Benchmarks, Cloud Security Alliance, and the NIST SP 800-53 and 800-190/800-204 series
- Working knowledge of Kubernetes and container security, including RBAC, admission control, namespace isolation, network policies, and Pod Security Standards
- Familiarity with AI and LLM security frameworks (OWASP Top 10 for LLM Applications, OWASP Top 10 for Agentic Applications, NIST AI RMF, MITRE ATLAS) and the controls that mitigate Generative AI risks such as prompt injection, sensitive data disclosure, and excessive agency (preferred)
- Understanding of governance applied to cloud and AI computing in terms of risk, exposure, impact, and policy; experience writing architectural plans, standards, and guidelines for enterprise platforms
- One or more industry security certifications, such as GIAC (GCSA), a cloud security certification (CCSP, CCSK, or a cloud provider security certification), or an application or offensive certification (CEH, OSCP, or CySA+)
Benefits
Comp & perks- medical
- dental
- vision
- life/AD&D insurance
- short- and long-term disability
- fertility and family-forming assistance
- wellbeing allowance
- educational assistance
- mental health coaching/therapy
- tax advantaged accounts such as HSA and healthcare/dependent care FSAs
- a 401(k) retirement plan
- time off benefits that include vacation, sick time, and personal days
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
SASTSCADASTInfrastructure as Code (IaC)Secrets ManagementProgrammingScriptingCloud SecurityAutomationCompliance Tooling
Soft Skills
MentoringCollaborationCommunication
Certifications
GIAC (GCSA)Cloud Security Certification (CCSP, CCSK)Offensive Certification (CEH, OSCP, CySA+)