DevSecOps Engineer

Job TypeContractor

Skills RequiredAzure Docker Kubernetes +4

LocationDes Moines, Iowa

SalaryNo salary information was found.

Date Posted July 14, 2025

Compunnel Inc.

Compunnel Inc. is looking for a DevSecOps Engineer to enhance security in the software development lifecycle. The role involves integrating security practices into CI/CD pipelines and collaborating with development and operations teams.

Job description

Job Summary: We are seeking a DevSecOps Engineer to embed security throughout our software development lifecycle. This role acts as a bridge between development, operations, and security, ensuring secure design, implementation, and deployment of applications and infrastructure. The ideal candidate will have strong experience integrating security tools into CI/CD pipelines, promoting secure coding practices, and building a security-first DevOps culture. Job Responsibilities: Embed security controls and tools into CI/CD pipelines. Implement and manage automated security testing tools such as SAST, DAST, and SCA. Identify and remediate vulnerabilities in application code and infrastructure. Guide development teams in secure coding best practices and threat mitigation. Build Infrastructure-as-Code (IaC) using Terraform or CloudFormation with embedded security controls. Conduct security reviews of application architecture and designs, supporting threat modeling and secure design patterns. Ensure security validation is integrated into functional and non-functional testing. Develop security automation within CI/CD pipelines using tools like GitHub Advanced Security and AppScan. Collaborate with cross-functional engineering teams to improve security coverage and response. Required Skills: Strong understanding of DevOps principles and secure SDLC. Experience with cloud platforms: AWS, Azure, or Google Cloud Platform. Experience with containerization: Docker and Kubernetes. Hands-on experience with CI/CD tools: GitHub (including CoPilot, Enterprise, Advanced Engineering), Azure DevOps (ADO). Proficient in scripting languages: Python, TypeScript, Bash, etc. Familiarity with security tools and platforms: AppScan, GitHub Advanced Security, Sailpoint IIQ, MS EntraID. Knowledge of security frameworks and compliance standards (e.g., NIST, ISO 27001, OWASP). Strong communication and team collaboration skills. Preferred Skills: Experience with security architecture and threat modeling. Familiarity with identity and access management systems. Certifications: [Specify if required, e.g., AWS Security Specialty, CEH, CISSP] Education: Bachelors degree in computer science, Information Security, Engineering, or a related field (or equivalent experience)

Requirements

• Required Skills: Strong understanding of DevOps principles and secure SDLC

• Experience with cloud platforms: AWS, Azure, or Google Cloud Platform

• Experience with containerization: Docker and Kubernetes

• Hands-on experience with CI/CD tools: GitHub (including CoPilot, Enterprise, Advanced Engineering), Azure DevOps (ADO)

• Proficient in scripting languages: Python, TypeScript, Bash, etc

• Familiarity with security tools and platforms: AppScan, GitHub Advanced Security, Sailpoint IIQ, MS EntraID

• Knowledge of security frameworks and compliance standards (e.g., NIST, ISO 27001, OWASP)

• Strong communication and team collaboration skills

• Familiarity with identity and access management systems

• Certifications: [Specify if required, e.g., AWS Security Specialty, CEH, CISSP] Education: Bachelors degree in computer science, Information Security, Engineering, or a related field (or equivalent experience)

Similar Jobs

iSoftTek Solutions Inc

Aug 13, 2025

Application Security Architect with strong DevSecOps - Full-time

Charlotte, North Carolina

Full-time job

iSoftTek Solutions Inc is looking for an experienced Application Security Architect with strong DevSecOps skills to enhance CI/CD pipelines and integrate security throughout the software development lifecycle. This full-time position is based in Charlotte, North Carolina, requiring on-site presence from day one.

View Details

CI/CDJenkinsGitHub

Booz Allen Hamilton

Jul 21, 2025