Virginia - Arlington

8 Years

- /- ( )

Required Skills

DevSecOps Engineer Jenkins CI/CD Python

Work Authorization

  • US Citizen

  • Green Card

Preferred Employment

  • Corp-Corp

  • W2-Permanent

  • W2-Contract

  • Contract to Hire

Employment Type

  • Consulting/Contract

education qualification

  • UG :- - Not Required

  • PG :- - Not Required

Other Information

  • No of position :- ( 1 )

  • Post :- 10th Jul 2025

JOB DETAIL

What You'll Do:

  • Collaborate with a team of engineers to implement Firms specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications.
  • Work with Development, DevOps and Security teams to identify and develop automated security and compliance capabilities in support of DevOps processes.
  • Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc.
  • With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines.
  • Support security standards, create templates and patterns to increase the efficiency and adoption of security program.

 

These skills will help you succeed in this role:

  • Experience with DevSecOps, Secure SDLC.
  • Bachelor's degree with minimum 8 years of work experience in the IT field
  • 3+ years software development experience using Java, JavaScript

 

3+ years of experience in the following:

  • OWASP Secure Coding Practices
  • Common software and web application security vulnerabilities
  • Application security scanning tools
  • Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g., Jenkins)
  • Experience in Python scripting

 

Even Better If You Have

  • A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field
  • Business acumen to support the implementation of SAST or DAST or IAST across the enterprise
  • Ability to perform code reviews with minimal assistance
  • A self-starter, with a strong desire for learning new technologies and applying them to solve problems
  • Experience with two or more of the application build environments like Jenkins, Gradle, Maven.
  • Familiarity with public cloud services a plus
  • Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype
  • Experience with Threat Analysis.
  • DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus
  • Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus

Company Information

Vyze Inc

aroutray@vyzeinc.com

5715299999