Jobs · Engineering · Florida

DevSecOps Engineer (contract)

BNY · Lake Mary, FL · 2 wk ago
On-siteEngineeringContract

Key Responsibilities

  • Application Security Consulting: Serve as a Subject Matter Expert (SME) for application security initiatives, providing guidance and recommendations to development teams throughout the SDLC
  • Security Architecture Reviews: Conduct security assessments and architecture reviews for new applications, platforms, and technology solutions to ensure compliance with security standards and best practices
  • Secure Development Practices: Establish and promote secure coding guidelines, vulnerability management processes, and application security standards across development teams
  • Vulnerability Assessment & Remediation: Identify security vulnerabilities through code reviews, security testing, and assessment activities while partnering with development teams on remediation strategies
  • Code Review & Security Testing: Perform static, dynamic, and manual source code reviews, secure code analysis, and application security assessments
  • Threat Modeling: Conduct threat modeling exercises during application design and development phases to identify and mitigate potential security risks
  • DevSecOps Integration: Partner with engineering teams to integrate security controls, automated testing, and security tooling into CI/CD and DevOps pipelines
  • Security Tool Enablement: Support developers in utilizing security scanning tools, vulnerability management platforms, and secure development technologies
  • Risk Management: Track security findings, technical debt, remediation activities, and compliance requirements while ensuring timely resolution of security issues
  • Client & Stakeholder Engagement: Collaborate with internal stakeholders and external clients to communicate security requirements, recommendations, and risk mitigation strategies
  • AI Security Evaluation: Assist with security reviews of AI-enabled platforms and evaluate opportunities for leveraging AI development tools within secure software development practices
  • Continuous Improvement: Stay current on emerging security threats, attack vectors, application security trends, and evolving industry best practices

Qualifications

  • 3+ years of experience in Application Security, Security Engineering, Security Architecture, Software Development, or a related cybersecurity role
  • Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field
  • Experience performing application security assessments, including penetration testing, secure code reviews, and vulnerability analysis
  • Strong understanding of secure software development lifecycle (SSDLC) principles and secure coding best practices
  • Experience identifying and remediating common application vulnerabilities, including OWASP Top 10 risks
  • Ability to partner with development teams, conduct security architecture reviews, and provide guidance on secure application design
  • Familiarity with programming languages such as Java, Python, or C/C++
  • Strong communication, presentation, and stakeholder management skills
  • Exposure to AI-assisted development tools or AI-enabled applications

Similar jobs

DevSecOps Engineer

Gray AnalyticsHuntsville, AL· 1 mo ago
Engineeringapply on secure7.saashr.com

DevSecOps Engineer

GXM TechnologiesColorado Springs, CO· 1 mo ago
Engineeringapply on recruiting.paylocity.com