DevSecOps Specialist (Cybersecurity)

Overview:

The DevSecOps Specialist plays a key role in embedding security across the software development lifecycle. With a deep understanding of application security and secure development practices, this role focuses on automating and scaling security across CI/CD pipelines, helping engineering teams build secure software without sacrificing speed

.Working closely with product, tech and operations teams, the DevSecOps Specialist simplifies security adoption. Automating compliance, reducing risks and making security a seamless part of the DevOps process. The goal is to protect applications while keeping development fast and efficient.

What you will do:

• Own the integration and continuous improvement of AppSec tools (SAST, SCA, DAST) in CI/CD workflows.
• Lead security reviews for high-impact features and services.
• Design and maintain security-as-code pipelines and controls at the application layer.
• Conduct deep-dive threat modeling for product features, APIs and services.
• Drive adoption of secure coding practices and provide security guidance to engineers during design and implementation.
• Automate detection and remediation of application-level vulnerabilities.
• Support the Office of the CISO in executing security strategies and initiatives.

What we are looking for:

• 3–5 years in AppSec, DevSecOps, or related SDLC security engineering roles.
• Strong experience with CI/CD integration for SAST, SCA, and DAST tools.
• Familiarity in Python, JavaScript or similar for automation of security checks.
• Knowledge of modern web app and API security risks (e.g. OWASP Top10).