RemoteLeaf Logo
Log in Sign up

Dev Ops AppSec & Security Engineer

2 hours, 10 minutes ago
Israel, India, Pakistan, Philippines, Sri Lanka
Contract
Senior
Security Engineer
Cybersecurity
Azure Azure Pipelines CI/CD Encryption HIPAA OWASP Penetration Testing REST API SIEM
Apply Now
GXA

GXA

GXA is an award-winning IT consulting and managed services provider based in Richardson, Texas. With a focus on empowering businesses in Texas, GXA offers a range of IT solutions including managed IT services, business IT consulting, disaster recovery ...

Internet Software & Services
11-50
Founded 2008
View All Jobs 8

Description

  • Guide developers and engineers on secure coding standards and practices.
  • Perform code reviews and static/dynamic analysis to identify vulnerabilities.
  • Integrate security tools into CI/CD pipelines for automated scanning and compliance.
  • Design and implement authentication, authorization, and encryption for APIs and applications.
  • Assess and remediate risks in REST/SOAP integrations, data pipelines, and custom applications.
  • Collaborate with the vISM and Security Team to manage vulnerability identification, tracking, and remediation.
  • Coordinate and support penetration testing activities, including scoping, execution, and remediation of findings.
  • Conduct security assessments for new and existing systems, document risks, and recommend mitigation strategies.
  • Develop and maintain threat models for applications and infrastructure.
  • Respond to security incidents, perform root-cause analysis, and document lessons learned.
  • Build and maintain security automation scripts and workflows for scanning, alerting, and compliance checks.
  • Integrate security monitoring into Azure Pipelines, Data Factory, and related services.
  • Maintain security documentation, diagrams, and operational procedures.
  • Work with Business Analysts to translate security requirements into actionable specifications.
  • Educate stakeholders on security risks, trade-offs, and mitigation strategies.
  • Participate in client meetings to address security concerns and present solutions.

Requirements

  • Proficiency in secure coding, application security frameworks such as OWASP and NIST, and vulnerability management.
  • Experience with security tools including SAST, DAST, dependency scanning, and SIEM.
  • Strong understanding of authentication, authorization, and encryption protocols.
  • Familiarity with CI/CD pipelines, Azure DevOps, and security automation.
  • Experience with penetration testing methodologies and remediation processes.
  • Ability to investigate, respond to, and remediate security incidents.
  • Skill in root-cause analysis and forensic investigation.
  • Ability to explain technical security concepts to non-technical stakeholders.
  • Experience working with cross-functional teams across engineering, business analysis, operations, and security.
  • Experience with cloud security, with Azure preferred, API security, and data protection.
  • Background in software development or DevOps environments.
  • Familiarity with regulatory compliance frameworks and client-facing security reviews.
  • Experience in consulting or Managed Service Provider (MSP) environments.

Interested in this position?

Apply directly on the company website

Apply Now

Similar Roles

Lyra Health

Google Workspace & DLP Specialist

Lyra Health 1K-5K Health Care Providers & Services

Lyra Health is hiring a remote Google Workspace & DLP Specialist in the United States to own advanced administration, security, automation, and compliance for its Google Workspace environment.

United States Full-time Senior Security Engineer Technical Support Engineer
$95k-$131k
GCP OAuth SAML
10 minutes ago
Sysdig

Staff IT Engineer

Sysdig 251-1K IT Services

Sysdig is hiring a Staff IT Engineer in Costa Rica to lead IT and security engineering work across endpoints, cloud services, and SaaS environments, with the goal of strengthening security posture through automation and scalable controls.

Costa Rica Full-time Senior DevOps Engineer Security Engineer
AWS Bash CI/CD Linux macOS Python
25 minutes ago
WaveStrong,

Remote Imperva Data Security SME

WaveStrong, 51-250 Internet Software & Services

WaveStrong is hiring a Remote Imperva Data Security SME to support enterprise and cloud information security efforts by protecting sensitive data across platforms.

United States Contract Senior Database Administrator Security Engineer
WAF
25 minutes ago
WaveStrong,

Remote Encryption Engineer (HSM)

WaveStrong, 51-250 Internet Software & Services

Wavestrong is seeking a remote Encryption Engineer for a 6-month contract to support customer deployments of encryption and key management solutions across cloud and virtualized environments.

United States Contract Senior Infrastructure Engineer Security Engineer
Active Directory AWS Azure Cisco DHCP Docker Encryption GCP PowerShell SAML
40 minutes ago

You're on a roll! Sign up now to keep applying.

Sign Up

Already have an account? Log in

Used by 14,729+ remote workers