Development Security Operations Engineer
United States Cold Storage, Inc. · Camden, NJ · 4 days ago
HybridInformation Technology$130k–$150k/yrFull-time
Responsibilities
- Partner with Security and DevOps teams to implement secure design patterns and guardrails.
- Deliver training and guidance to developers on secure development and DevSecOps best practices.
- Define and operationalize security practices and automation into CI/CD pipelines using Azure DevOps and GitHub workflows.
- Provide hands-on guidance for secure coding, application architecture, and threat modeling.
- Design and review secure authentication and authorization models using Azure AD, OAuth2, and OpenID Connect.
- Manage and integrate security tools (SAST, DAST, SCA) into the development lifecycle.
- Support secure development in Azure environments, including App Services, Functions, and infrastructure-as-code.
- Help identify, triage, and remediate application security vulnerabilities and misconfigurations.
- Automate compliance and security checks across development and deployment workflows.
- Promote a collaborative, security-first culture across development, DevOps, and cloud engineering teams.
Requirements
- 4+ years of experience in DevSecOps, application security, or software development with a security focus.
- Strong experience with Azure development, including Azure App Services, Azure Functions, Azure AD, and cloud-native tooling.
- Hands-on experience with Azure DevOps for managing CI/CD pipelines and secure software delivery.
- Experience with IaC tooling and securing CI/CD delivery platforms (e.g., Terraform, Ansible, GitHub, Jenkins).
- In-depth understanding of web application security, secure software development, and threat modeling.
- Hands-on experience with integrating security tools such as SonarQube, Veracode, Snyk, or similar.
- Experience with securing API’s and policy enforcement.
Qualifications
- Bachelor’s degree in computer science, Information Security, Engineering, or related field.
Preferred Qualifications
- Experience with Azure Cloud.
- Programming experience in JavaScript.
- Experience with static code analysis tooling.
- Experience with container security and Kubernetes-based application security.
- Familiarity with secrets management and Azure key vault services.
- Relevant certifications such as AZ-500, CSSLP, OSWE, GIAC DevSecOps, or equivalent.
Soft Skills & Attributes
- Strong communication and collaboration skills across engineering, security, and operations teams.
- Ability to translate security principles into practical, developer-friendly solutions.
- Proactive and solution-oriented mindset, with a focus on enablement and shared ownership.
The Standard Details
- Always maintain a professional demeanor in appearance and communications.