DevSecOps Security Assessment Engineer
6 days ago
SOFT's client located in Remotely is looking for a Security Assessment Engineer - DevSecOps for a long term contract assignment.
PLEASE NOTE THE FOLLOWING BEFORE APPLYING:
WE ARE NOT ACCEPTING ANY 3RD PARTY SOLICITATIONS FOR THIS OR ANY OF OUR JOB POSTINGS OR REQUISITIONS. ANY SUCH INQUIRIES WILL NOT BE CONSIDERED OR RESPONDED TO.
WE CAN ONLY WORK WITH DIRECT APPLICANTS WHO ARE AUTHORIZED TO WORK IN THE US WITHOUT SPONSORSHIP
We are seeking a skilled Security Assessment Engineer to join our team. The ideal candidate will be instrumental in supporting the adoption of DevSecOps principles and automating assessment services to ensure continuous authorization to operate within our organization. This is a unique position that must be able to flex between security engineering, security control automation, development, and assessor roles in a NIST based risk management environment.
Key Responsibilities:
Support DevSecOps initiatives by developing and implementing test-driven security within a CI/CD pipeline
Create automation to support the NIST Risk Management Framework (SP800-37, SP800-53/53a).
Develop and track Plan of Action and Milestones (POA&Ms) to address identified security vulnerabilities and compliance gaps.
Able to document clear and repeatable process and train others to be able to perform automated assessment reviews.
Develop and implement security assessment automation tools to support DevSecOps practices.
Collaborate with development teams to integrate security assurance into the CI/CD pipeline.
Conduct security assessments and risk analyses on new and existing software.
Provide Subject Matter Expertise in the creation of security policies, standards.
Develop and document procedures specific to the role.
Work closely with compliance teams to ensure continuous monitoring and authorization.
Assist in developing security training and awareness for technical staff.
Stay current with evolving security landscape, industry trends, tools, and best practices.
Required Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field (preferred)
Proven experience with security assessment tools and methodologies.
Experience with wide range of programming languages, automation tools and scripting languages (e.g., Python, Ruby, Go, Bash/Shell, JavaScript/Node.js, Groovy, YAML/JSON, PowerShell, Java, Terraform).
Understanding languages in the context of various DevSecOps tools and platforms like Docker, Kubernetes, Ansible, Chef, Puppet, Jenkins, GitLab CI, and cloud service providers (AWS, Azure, GCP).
Experience with Policy as Code and Compliance as Code
Knowledge of compliance frameworks and continuous authorization processes. Prefer NIST SP800-37, SP800-53/53a.
Excellent communication skills and the ability to work collaboratively.
Operational vulnerability analysis.
Deep understanding of Dev/Sec/Ops processes and testing.
Preferred Qualifications:
Certifications such as GCSA, CISSP, CEH, or OSCP.
Experience in a policy and assurance or quasi-governmental environment.
Familiarity with cloud service providers and associated security challenges.
The candidate must possess skills that include experience with:
Test design, performance testing, test architecture, configuration management, troubleshooting,
excellent verbal and written and communication skills both horizontally and vertically, performing manual testing with agility and interaction, be proficient in continuous delivery, Agile, and DevOps.
-
DevSecOps Security Assessment Engineer
3 weeks ago
New York, United States SOFT Inc. Full timeSOFT's client located in Remotely is looking for a Security Assessment Engineer - DevSecOps for a long term contract assignment.PLEASE NOTE THE FOLLOWING BEFORE APPLYING: WE ARE NOT ACCEPTING ANY 3RD PARTY SOLICITATIONS FOR THIS OR ANY OF OUR JOB POSTINGS OR REQUISITIONS. ANY SUCH INQUIRIES WILL NOT BE CONSIDERED OR RESPONDED TO. WE CAN ONLY WORK WITH DIRECT...
-
DevSecOps Security Assessment Engineer
3 weeks ago
new york city, United States SOFT Inc. Full timeSOFT's client located in Remotely is looking for a Security Assessment Engineer - DevSecOps for a long term contract assignment.PLEASE NOTE THE FOLLOWING BEFORE APPLYING: WE ARE NOT ACCEPTING ANY 3RD PARTY SOLICITATIONS FOR THIS OR ANY OF OUR JOB POSTINGS OR REQUISITIONS. ANY SUCH INQUIRIES WILL NOT BE CONSIDERED OR RESPONDED TO. WE CAN ONLY WORK WITH DIRECT...
-
DevSecOps Security Assessment Engineer
3 weeks ago
new york city, United States SOFT Inc. Full timeSOFT's client located in Remotely is looking for a Security Assessment Engineer - DevSecOps for a long term contract assignment.PLEASE NOTE THE FOLLOWING BEFORE APPLYING: WE ARE NOT ACCEPTING ANY 3RD PARTY SOLICITATIONS FOR THIS OR ANY OF OUR JOB POSTINGS OR REQUISITIONS. ANY SUCH INQUIRIES WILL NOT BE CONSIDERED OR RESPONDED TO. WE CAN ONLY WORK WITH DIRECT...
-
DevSecOps Engineer
6 days ago
New York, United States Yoh Full timeDevSecOps Engineer Category: Cybersecurity Employment Type: Direct Hire Reference: BH-330466 DevSecOps Engineer The Role We are transforming the digital payments landscape. To do that, we deliver world class safety, security and privacy for our customers. This is a chance to help us leapfrog beyond our competition. This role reports to our Director of...
-
DevSecOps Engineer
4 weeks ago
New Haven, United States Talent Groups Full time**Our client is only able to work with W2 candidates at this time (US Citizen or Green Card Perm Residents)**Hybrid Details: Onsite as neededDuration: 12 months to startJob DescriptionThe DevSecOps Engineer, will oversee a variety of platform and product deployments. The DevSecOps Engineer will collaborate with developers, scrum teams and information...
-
DevSecOps Engineer
4 weeks ago
New Haven, CT, United States Talent Groups Full time**Our client is only able to work with W2 candidates at this time (US Citizen or Green Card Perm Residents)**Hybrid Details: Onsite as neededDuration: 12 months to startJob DescriptionThe DevSecOps Engineer, will oversee a variety of platform and product deployments. The DevSecOps Engineer will collaborate with developers, scrum teams and information...
-
New York, United States Motion Recruitment Full timeA leading cloud provider specializing in high-performance computing is seeking a Senior DevSecOps/Infrastructure Security Engineer to join its Infrastructure Security team. This full-time, hybrid role offers competitive compensation and the opportunity to work on cutting-edge Kubernetes security solutions at scale. Required Skills & Experience 3+ years...
-
Blockchain DevSecOps Engineer
6 days ago
New York, United States Motion Recruitment Full timeOur client, a leading company in the Web3 and blockchain technology industry, is seeking Blockchain DevSecOps Engineer to join their team. This hybrid role in New York City offers competitive compensation, generous benefits, and the opportunity to work with cutting edge technologies. Required Skills & Experience 5+ years of experience Bachelor's Degree ...
-
Security Engineer
1 month ago
New York, United States Motion Recruitment Full timeOur client is looking for a Security Engineer to lead their security initiatives and protect sensitive company data. The role involves developing security tools, automating workflows, responding to incidents, and collaborating with engineering teams to ensure data security and governance. Ideal candidates will have, hands-on experience in DevOps/DevSecOps...
-
Security Engineer
1 month ago
New York, United States Avant Tech Full timeOur client provides consumers, corporations, governments, and institutions with a broad range of financial products and services, including consumer banking and credit, corporate and investment banking, securities brokerage, transaction services, and wealth management. They enable their clients to achieve their strategic financial objectives by providing...
-
Staff Security Engineer
3 weeks ago
New York, United States Intuit Inc Full timeOverview We are seeking a highly skilled Staff Security Engineer with over 10 years of overall experience, including 5+ years of coding experience, and a robust background in security reviews, threat modeling, and incident response. This role requires a unique combination of advanced software development skills and deep expertise in security to perform...
-
Information Security Engineer 3
3 months ago
New York, United States Aloden, Inc. Full timeJob Title: Information Security Engineer 3 (SAAS, Checkmarx, OWASP, Python) Location: New York Summary: We are seeking a highly skilled and experienced Information Security Engineer 3 to join our team. The ideal candidate will have a strong background in SaaS security, vulnerability management, and application security testing. You will play a critical role...
-
Cyber Security Engineer
1 month ago
New York, United States Saxon Global Full timeFULL TIME POSITION: Title-Cyber Security Engineer/NIST Title Client - Peoples Bank - Location-Hybrid/Midtown, New York City - salary--$ 145K Salary Target -Visa:USC,GC,GC-EAD **We need a senior (7+ Years) Cyber Security Engineer with great experience working with Cyber Security and Information Risk management with Strong understanding and hands on...
-
Cloud Security Solutions Architect
5 days ago
New York, New York, United States Yoh Full timeAbout UsYoh, a leading workforce management solutions company, is revolutionizing the digital payments landscape by delivering world-class safety, security, and privacy for its customers.The RoleWe are seeking an experienced DevSecOps Engineer to join our team. This role reports directly to our Director of Infrastructure & Technology.Key...
-
Sr. Cloud Network Security Engineer
2 weeks ago
New York, United States Saxon Global Full timeJob Title : Sr. Cloud Network Security Engineer Duration : 6 +Rate : $70/hr. on C2CLocation :New York City Visa : USC/GCClient : ePlus JD Sr. Cloud Network Security Engineer Contract Hybrid New York City Must be a US Citizen or Green Card Holder $80 an hour (ePlus Client) Please read my remarks very important to this position. Candidates must be able to...
-
DevOps Engineer
4 months ago
New York, United States ION Remote Work Freelance Full timeLab49 has an opportunity available for a DevOps Engineer to work on complex and challenging projects to drive transformative change for our top-tier Financial Services clients. Requirements: Experience building and managing enterprise cloud infrastructure. Strong hands-on experience on AWS and/or Azure environments Strong hands-on experience with...
-
Senior Security Engineer
5 days ago
New York, United States Mizuho Bank Ltd Full timeJoin the Mizuho team as a Senior Security Engineer This role will be focused on and around the regular administration/maintenance of security tools including performing upgrades/troubleshooting and maintaining system documentation. They may be required to help write or shape policies/procedures/run books/processes, etc. They will be expected to maintain...
-
Cybersecurity Engineer
4 days ago
New York, New York, United States Bitcoin Devs Company Full timeJob DescriptionWe are seeking a skilled Cybersecurity Engineer to join our team at Bitcoin Devs Company.As a Senior Security Engineer, you will play a vital role in ensuring the security and integrity of our platform, systems, and applications.Key Responsibilities:Design, build, and maintain secure platforms and tools leveraging solid software engineering...
-
Cloud Security Engineer with UI Focus
3 days ago
New York, New York, United States Armis Security Full timeSecure the Future of Cyber Exposure ManagementAt Armis Security, we're revolutionizing the way organizations protect their attack surface and manage cyber risk exposure in real-time. As a Senior Full Stack Engineer on our team, you'll have the opportunity to make a significant impact in an important field while maintaining a healthy work-life balance.About...
-
Senior Security Engineer
1 month ago
New York, United States Mizuho Bank Ltd Full timeJoin the Mizuho team as a Senior Security Engineer! This role will be focused on and around the regular administration/maintenance of security tools including performing upgrades/troubleshooting and maintaining system documentation. They may be required to help write or shape policies/procedures/run books/processes, etc. They will be expected to maintain...