DevSecOps Engineer

Job Description

Role summary Embed security into every stage of the SDLC. You will assess vulnerabilities, review code, automate security tests, and coach the engineering team on rapid, effective fixes. Key responsibilities Run regular vulnerability assessments and secure-code reviews Configure and maintain SAST, DAST, SCA, and other security tools Automate security testing and reporting pipelines Analyse scan results, prioritise risks, and guide developers on remediation Evaluate and integrate cost-effective security solutions Keep security policies, procedures, and runbooks up to date Requirements 2 + years in software development with hands-on security work B.S. in Computer Science (or similar) Practical experience with Git-based workflows and full-stack development (Java, Python, etc.) Proven use of static/dynamic analysis tools and web-app vulnerability management Solid knowledge of AWS services and related security tooling Understanding of common attack vectors (XSS, injections, session hijacking, social engineering) Familiarity with RBAC/SSO, OS and database hardening Strong problem-solving skills and composure in a fast-paced environment Nice to have: CSSLP, AWS Security Specialty, CEH, ISO 27001 or similar certifications