Sr Development Security Operations Engineer ( Senior DevSecOps Engineer)

 

Senior DevSecOps Engineer

Position Summary

The Senior DevSecOps Engineer will be embedded within product engineering teams to implement and maintain secure, automated, and reliable delivery pipelines while following standards, frameworks, and guardrails set by the DevSecOps Center of Excellence (CoE).

This is a hands-on role that reports to the Manager of DevSecOps and works directly with developers, SREs, and product managers to enable faster, safer deployments, cost-efficient infrastructure, and adherence to enterprise security policies. The engineer will collaborate closely with Principal and Senior Staff DevSecOps engineers for technical guidance and mentoring while operating within the centralized DevSecOps leadership framework.

Key Responsibilities

Product Line DevSecOps Execution

· Build and maintain CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, ArgoCD) for the assigned product line.

· Integrate security testing (SAST, SCA, DAST, container scanning) into build and deployment workflows.

· Apply CoE standards, templates, and automation frameworks consistently within product environments.

· Troubleshoot and resolve DevSecOps issues, escalating complex challenges to Staff/Principal engineers.

Infrastructure & Automation

· Implement Infrastructure-as-Code (Terraform, CloudFormation) for product infrastructure.

· Adopt GitOps practices for repeatable and auditable infra provisioning.

· Ensure infrastructure deployments comply with security guardrails, tagging, and cost controls.

Observability, Security & Compliance

· Collaborate with SREs to enable monitoring, logging, and observability (Prometheus, Grafana, OpenTelemetry, New Relic, CloudWatch).

· Ensure pipelines and infrastructure comply with HIPAA, SOC2, and internal security standards.

· Embed IAM, KMS, GuardDuty, Security Hub into workflows for cloud security posture.

FinOps & Cost Awareness

· Implement CoE-defined cost governance practices in product pipelines.

· Ensure workloads are tagged, right-sized, and cost-efficient.

· Provide cost visibility to product teams and support FinOps reviews.

Collaboration & Continuous Improvement

· Work closely with developers, QA, SRE, and product managers to support secure and efficient delivery.

· Participate in CoE knowledge-sharing sessions, playbooks, and Communities of Practice.

· Contribute feedback from product teams back into the CoE to improve standards and frameworks.

· Continuously learn from Staff and Principal engineers and apply best practices within the product line.

Qualifications & Experience Required

· 8+ years in DevOps, Cloud, or Security Engineering.

· Strong hands-on experience with CI/CD pipeline tools (GitHub Actions, GitLab CI, Jenkins, ArgoCD).

· Proficiency in AWS services (EKS, ECS, EC2, S3, IAM, Security Hub, GuardDuty).

· Hands-on with containers & Kubernetes (Docker, EKS).

· Experience with Infrastructure-as-Code (Terraform, Pulumi, CloudFormation).

· Familiarity with observability platforms (Prometheus, Grafana, OpenTelemetry, New Relic, CloudWatch).

· Programming/scripting in Python, Go, or shell scripting.

· Strong collaboration skills in cross-functional product teams.

Preferred

· Experience in SaaS or healthcare software environments.

· Knowledge of databases (MongoDB, Elasticsearch, SQL).

· Familiarity with compliance frameworks (HIPAA, SOC2, ISO 27001).

· Certifications: AWS Security Specialty, CKA/CKAD, FinOps Certified Practitioner