DevSec Engineer

Job Summary

A company is looking for a DevSec Engineer to lead offensive security operations and enhance the security posture across infrastructure and applications.

Key Responsibilities

• Lead and execute Red Team engagements to simulate real-world attack scenarios and manage full attack lifecycle operations
• Integrate security requirements into architecture, design, and coding practices while automating code and dependency reviews
• Implement security measures in CI/CD pipelines and collaborate with DevOps to secure cloud environments and infrastructure

Required Qualifications

• Strong background in application security (OWASP, NIST, MITRE ATT&CK)
• Proficiency in one or more programming languages (C#, Python, Java, or JavaScript)
• Experience with CI/CD and DevSecOps tooling (SonarQube, Snyk, Veracode, GitHub Actions, etc.)
• Cloud security expertise (IAM, secrets management, network segmentation)
• Familiarity with regulatory/compliance frameworks relevant to the organization