DevSecOps Security Assessment Engineer

1 day ago


New York, United States SOFT Full time

SOFT's client located in Remotely is looking for a Security Assessment Engineer - DevSecOps for a long term contract assignment.

PLEASE NOTE THE FOLLOWING BEFORE APPLYING:

WE ARE NOT ACCEPTING ANY 3RD PARTY SOLICITATIONS FOR THIS OR ANY OF OUR JOB POSTINGS OR REQUISITIONS. ANY SUCH INQUIRIES WILL NOT BE CONSIDERED OR RESPONDED TO.

WE CAN ONLY WORK WITH DIRECT APPLICANTS WHO ARE AUTHORIZED TO WORK IN THE US WITHOUT SPONSORSHIP

We are seeking a skilled Security Assessment Engineer to join our team. The ideal candidate will be instrumental in supporting the adoption of DevSecOps principles and automating assessment services to ensure continuous authorization to operate within our organization. This is a unique position that must be able to flex between security engineering, security control automation, development, and assessor roles in a NIST based risk management environment.

Key Responsibilities:

Support DevSecOps initiatives by developing and implementing test-driven security within a CI/CD pipeline

Create automation to support the NIST Risk Management Framework (SP800-37, SP800-53/53a).

Develop and track Plan of Action and Milestones (POA&Ms) to address identified security vulnerabilities and compliance gaps.

Able to document clear and repeatable process and train others to be able to perform automated assessment reviews.

Develop and implement security assessment automation tools to support DevSecOps practices.

Collaborate with development teams to integrate security assurance into the CI/CD pipeline.

Conduct security assessments and risk analyses on new and existing software.

Provide Subject Matter Expertise in the creation of security policies, standards.

Develop and document procedures specific to the role.

Work closely with compliance teams to ensure continuous monitoring and authorization.

Assist in developing security training and awareness for technical staff.

Stay current with evolving security landscape, industry trends, tools, and best practices.

Required Qualifications:

Bachelor's degree in Computer Science, Information Security, or a related field (preferred)

Proven experience with security assessment tools and methodologies.

Experience with wide range of programming languages, automation tools and scripting languages (e.g., Python, Ruby, Go, Bash/Shell, JavaScript/Node.js, Groovy, YAML/JSON, PowerShell, Java, Terraform).

Understanding languages in the context of various DevSecOps tools and platforms like Docker, Kubernetes, Ansible, Chef, Puppet, Jenkins, GitLab CI, and cloud service providers (AWS, Azure, GCP).

Experience with Policy as Code and Compliance as Code

Knowledge of compliance frameworks and continuous authorization processes. Prefer NIST SP800-37, SP800-53/53a.

Excellent communication skills and the ability to work collaboratively.

Operational vulnerability analysis.

Deep understanding of Dev/Sec/Ops processes and testing.

Preferred Qualifications:

Certifications such as GCSA, CISSP, CEH, or OSCP.

Experience in a policy and assurance or quasi-governmental environment.

Familiarity with cloud service providers and associated security challenges.

The candidate must possess skills that include experience with:

Test design, performance testing, test architecture, configuration management, troubleshooting,

excellent verbal and written and communication skills both horizontally and vertically, performing manual testing with agility and interaction, be proficient in continuous delivery, Agile, and DevOps.



  • New York, United States SOFT Inc. Full time

    SOFT's client located in Remotely is looking for a Security Assessment Engineer - DevSecOps for a long term contract assignment.PLEASE NOTE THE FOLLOWING BEFORE APPLYING: WE ARE NOT ACCEPTING ANY 3RD PARTY SOLICITATIONS FOR THIS OR ANY OF OUR JOB POSTINGS OR REQUISITIONS. ANY SUCH INQUIRIES WILL NOT BE CONSIDERED OR RESPONDED TO. WE CAN ONLY WORK WITH DIRECT...


  • new york city, United States SOFT Inc. Full time

    SOFT's client located in Remotely is looking for a Security Assessment Engineer - DevSecOps for a long term contract assignment.PLEASE NOTE THE FOLLOWING BEFORE APPLYING: WE ARE NOT ACCEPTING ANY 3RD PARTY SOLICITATIONS FOR THIS OR ANY OF OUR JOB POSTINGS OR REQUISITIONS. ANY SUCH INQUIRIES WILL NOT BE CONSIDERED OR RESPONDED TO. WE CAN ONLY WORK WITH DIRECT...


  • new york city, United States SOFT Inc. Full time

    SOFT's client located in Remotely is looking for a Security Assessment Engineer - DevSecOps for a long term contract assignment.PLEASE NOTE THE FOLLOWING BEFORE APPLYING: WE ARE NOT ACCEPTING ANY 3RD PARTY SOLICITATIONS FOR THIS OR ANY OF OUR JOB POSTINGS OR REQUISITIONS. ANY SUCH INQUIRIES WILL NOT BE CONSIDERED OR RESPONDED TO. WE CAN ONLY WORK WITH DIRECT...

  • DevSecOps Engineer

    2 days ago


    New York, United States Yoh Full time

    DevSecOps Engineer Category: Cybersecurity Employment Type: Direct Hire Reference: BH-330466 DevSecOps Engineer The Role We are transforming the digital payments landscape. To do that, we deliver world class safety, security and privacy for our customers. This is a chance to help us leapfrog beyond our competition. This role reports to our Director of...

  • DevSecOps Engineer

    4 weeks ago


    New Haven, United States Talent Groups Full time

    **Our client is only able to work with W2 candidates at this time (US Citizen or Green Card Perm Residents)**Hybrid Details: Onsite as neededDuration: 12 months to startJob DescriptionThe DevSecOps Engineer, will oversee a variety of platform and product deployments. The DevSecOps Engineer will collaborate with developers, scrum teams and information...

  • DevSecOps Engineer

    3 weeks ago


    New Haven, CT, United States Talent Groups Full time

    **Our client is only able to work with W2 candidates at this time (US Citizen or Green Card Perm Residents)**Hybrid Details: Onsite as neededDuration: 12 months to startJob DescriptionThe DevSecOps Engineer, will oversee a variety of platform and product deployments. The DevSecOps Engineer will collaborate with developers, scrum teams and information...


  • New York, United States Motion Recruitment Full time

    A leading cloud provider specializing in high-performance computing is seeking a Senior DevSecOps/Infrastructure Security Engineer to join its Infrastructure Security team. This full-time, hybrid role offers competitive compensation and the opportunity to work on cutting-edge Kubernetes security solutions at scale. Required Skills & Experience 3+ years...


  • New York, United States Motion Recruitment Full time

    Our client, a leading company in the Web3 and blockchain technology industry, is seeking Blockchain DevSecOps Engineer to join their team. This hybrid role in New York City offers competitive compensation, generous benefits, and the opportunity to work with cutting edge technologies. Required Skills & Experience 5+ years of experience Bachelor's Degree ...

  • Security Engineer

    4 weeks ago


    New York, United States Motion Recruitment Full time

    Our client is looking for a Security Engineer to lead their security initiatives and protect sensitive company data. The role involves developing security tools, automating workflows, responding to incidents, and collaborating with engineering teams to ensure data security and governance. Ideal candidates will have, hands-on experience in DevOps/DevSecOps...

  • Security Engineer

    4 weeks ago


    New York, United States Avant Tech Full time

    Our client provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. They enable their clients to achieve their strategic financial objectives by providing...


  • New York, United States Intuit Inc Full time

    Overview We are seeking a highly skilled Staff Security Engineer with over 10 years of overall experience, including 5+ years of coding experience, and a robust background in security reviews, threat modeling, and incident response. This role requires a unique combination of advanced software development skills and deep expertise in security to perform...


  • New York, United States Aloden, Inc. Full time

    Job Title: Information Security Engineer 3 (SAAS, Checkmarx, OWASP, Python) Location: New York Summary: We are seeking a highly skilled and experienced Information Security Engineer 3 to join our team. The ideal candidate will have a strong background in SaaS security, vulnerability management, and application security testing. You will play a critical role...


  • New York, United States Saxon Global Full time

    FULL TIME POSITION: Title-Cyber Security Engineer/NIST Title Client - Peoples Bank - Location-Hybrid/Midtown, New York City - salary--$ 145K Salary Target -Visa:USC,GC,GC-EAD **We need a senior (7+ Years) Cyber Security Engineer with great experience working with Cyber Security and Information Risk management with Strong understanding and hands on...


  • New York, New York, United States Yoh Full time

    About UsYoh, a leading workforce management solutions company, is revolutionizing the digital payments landscape by delivering world-class safety, security, and privacy for its customers.The RoleWe are seeking an experienced DevSecOps Engineer to join our team. This role reports directly to our Director of Infrastructure & Technology.Key...


  • New York, United States Saxon Global Full time

    Job Title : Sr. Cloud Network Security Engineer Duration : 6 +Rate : $70/hr. on C2CLocation :New York City Visa : USC/GCClient : ePlus JD Sr. Cloud Network Security Engineer Contract Hybrid New York City Must be a US Citizen or Green Card Holder $80 an hour (ePlus Client) Please read my remarks very important to this position. Candidates must be able to...

  • DevOps Engineer

    4 months ago


    New York, United States ION Remote Work Freelance Full time

    Lab49 has an opportunity available for a DevOps Engineer to work on complex and challenging projects to drive transformative change for our top-tier Financial Services clients. Requirements: Experience building and managing enterprise cloud infrastructure. Strong hands-on experience on AWS and/or Azure environments Strong hands-on experience with...


  • New York, United States Mizuho Bank Ltd Full time

    Join the Mizuho team as a Senior Security Engineer This role will be focused on and around the regular administration/maintenance of security tools including performing upgrades/troubleshooting and maintaining system documentation. They may be required to help write or shape policies/procedures/run books/processes, etc. They will be expected to maintain...


  • New York, United States Mizuho Bank Ltd Full time

    Join the Mizuho team as a Senior Security Engineer! This role will be focused on and around the regular administration/maintenance of security tools including performing upgrades/troubleshooting and maintaining system documentation. They may be required to help write or shape policies/procedures/run books/processes, etc. They will be expected to maintain...

  • Software Engineer II

    3 weeks ago


    New York, United States Abnormal Security Full time

    Job DescriptionJob DescriptionAbout the RoleAbnormal Security is hiring a Software Engineer to join the Threat Response Engine team, an essential part of our mission to protect global enterprises from diverse and evolving email threats. At Abnormal, we've taken a novel approach to email security, utilizing behavioral AI to identify and counter complex...


  • new york city, United States A-1 Consulting Inc, Atlanta, GA Full time

    Hi ,Greetings !!!!Please go through the below job description and let me know your interest.Role: Application Security Engineer/Architect Location: NYC, NY(Hybrid)Only : GC / USC*We are looking for a motivated, detail-oriented individual with strong technical skills. This role’s primary focus is on working to secure in-house built and software as a service...