Security Engineer

Role SummaryOperationalize DevSecOps security controls across SDLC and CI/CD using Azure DevOps Server, ensuring enforceable security gates, vulnerability lifecycle management, and audit-ready evidence.Key ResponsibilitiesConfigure and tune Fortify SAST/DAST, define thresholds and exception workflow.Automate the renewal and deployment of SSL/TLS certificates using tools like HashiCorp Vault and Cert-Manager in Kubernetes to prevent downtime and security risks.Integrate SBOM generation tools into the CI/CD pipeline to track component dependencies, license compliance, and vulnerabilities, providing visibility into the software supply chain.Implement image signing and verification using tools like Sigstore/Cosign to ensure code integrity, ensuring only verified, trusted container images are deployed.Define Quality Gates, vulnerability SLAs, triage process, remediation tracking and reporting dashboards.Integrate secrets management (HashiCorp Vault) and secure access patterns with SecurEnvoy MFA.Support compliance evidence: scan outputs, approvals, and release evidence packs.Partner with DevOps and QA on secure pipelines and test environment controls.Required Experience5–8+ years AppSec/DevSecOps/security engineering experience. Government/regulatory sector experience is a plus. Strong OWASP, threat modeling, and vulnerability management exposure.Technical SkillsSecure SDLC, CI/CD security gates, artifact trust, secrets management, container security concepts, and K8s security basics.Soft SkillsInfluence without authority, risk‑based communication, pragmatic guidance, and calm escalation handling.Core Skills / ToolingAzure DevOps Server, Fortify (SAST/DAST), HashiCorp Vault, JFrog Artifactory, Sigstore (plus), OpenShift/Kubernetes awareness, and monitoring correlation (AppDynamics/BMC/Azure Monitoring).#J-18808-Ljbffr