The role focuses on preventing security vulnerabilities across production, staging, and development environments. The Engineer will integrate security into CI/CD, enforce access controls, manage patching, and support audit compliance.
Required Skill Set and Experience
- 3+ years in DevSecOps, DevOps, or Security Engineering
- Experience with .NET, SharePoint, SQL Server, and Python security
- SAST/SCA tools: SonarQube, Snyk, Bandit, Safety, OWASP Dependency-Check
- CI/CD: DevOps, GitHub or GitLab
- Secrets management: AWS Key Vault or HashiCorp Vault
- Scripting: Python, PowerShell, or Bash
- Compliance frameworks: NIST, SOC2, or ISO 27001
Preferred Qualifications
- Certifications: DevSecOps Professional, CISSP, CEH, Security+, AWS Security Engineer
- Experience with MS SQL Server TDE, RLS, and dynamic data masking
- Experience with SharePoint PnP PowerShell automat...