DevSecOps Engineer
Software Engineering
Remote
Description of the Role
Responsible for the design, implementation, and operational execution of secure development, cloud, and endpoint security practices
Embeds information security controls directly into engineering and IT workflows
Focus on vulnerability management, security baselines, threat modeling, and secure architecture
Leverages AI capabilities, including AWS AI services and Claude to standardize, streamline, and scale security operations
Essential Functions of the Role
Design and implement secure architecture patterns across applications, CI/CD pipelines, and cloud platforms
Conduct threat modeling and security design reviews for new systems and major changes
Lead vulnerability management across GitHub, AWS Inspector, Microsoft Defender, and CrowdStrike Falcon
Ensure vulnerabilities are triaged, tracked, and remediated within defined SLAs
Design and enforce AWS security baselines including VPCs, security groups, and perimeter controls
Identify and remediate unintended network exposure
Apply AWS AI services and Claude to standardize vulnerability analysis, remediation workflows, and reporting
Ensure AI usage is auditable, explainable, and secure
Develop and maintain security baselines aligned to NIST CSF, SOC 2, and HIPAA where applicable
Produce audit-ready documentation and metrics
Partner with Engineering and IT teams to integrate security into delivery processes
Communicate security risks and remediation status to Information Security leadership
Qualifications
8+ years in DevSecOps, security engineering, or cloud security roles
Bachelor’s degree or equivalent experience in Computer Science, Engineering, or related field
Strong experience with AWS, GitHub, Microsoft Defender, CrowdStrike Falcon
Expertise in vulnerability management and threat modeling
Proficiency using AI tools (AWS AI services, Claude) to improve security operations
Excellent documentation and communication skills