Jobs · Engineering · New York

Senior InfoSec Engineer (SecDevOps) / New York

DigitalXNode · New York, United States · 3 wk ago
EngineeringFull-time

Key Responsibilities

  • Design, implement, and maintain secure CI/CD pipelines that support rapid and secure software delivery.
  • Integrate security controls throughout the Software Development Life Cycle (SDLC).
  • Collaborate with development, infrastructure, and cloud engineering teams to embed security into development workflows.
  • Implement security automation within build, deployment, and release processes.
  • Promote secure coding practices and software security standards across engineering teams.

Security Assessment & Risk Management

  • Conduct vulnerability assessments, risk analyses, and security reviews across applications, infrastructure, and cloud environments.
  • Identify security weaknesses and recommend remediation strategies.
  • Evaluate cybersecurity risks against established security frameworks, standards, and organizational policies.
  • Perform threat modeling and security architecture reviews for new applications and infrastructure initiatives.
  • Monitor risk exposure and provide recommendations aligned with business risk tolerance levels.

Cloud & Infrastructure Security

  • Secure cloud environments across AWS, Azure, and hybrid infrastructures.
  • Implement identity and access management (IAM), network security, encryption, and cloud governance controls.
  • Review and enhance cloud security configurations and deployment architectures.
  • Support container and Kubernetes security initiatives.
  • Collaborate on security requirements for third-party vendors, integrations, and outsourced technology solutions.

Security Automation & Monitoring

  • Automate security testing, compliance checks, and vulnerability scanning processes.
  • Implement and maintain security monitoring and alerting solutions.
  • Support incident detection, response, and remediation activities.
  • Improve security operations through automation and workflow optimization.
  • Develop security dashboards, reporting mechanisms, and compliance monitoring processes.

Compliance, Governance & Documentation

  • Develop and maintain security policies, standards, procedures, and operational documentation.
  • Support compliance initiatives related to industry standards and regulatory requirements.
  • Document security findings, risk assessments, and remediation plans.
  • Participate in internal and external security audits.
  • Advocate for continuous security improvement across the organization.

Security Awareness & Leadership

  • Provide security awareness training and guidance to engineering and business teams.
  • Mentor developers and operations teams on secure development and deployment practices.
  • Stay informed on emerging cybersecurity threats, vulnerabilities, and security technologies.
  • Act as a security advisor for business initiatives and technology projects.
  • Escalate critical security concerns and risks to leadership when necessary.

Similar jobs

Senior Info Sec Engineer

Children's National HospitalSilver Spring, MD· 1 wk ago
Information Technologyapply on cnhs.taleo.net