CrawlJobs Logo
Checkmarx Logo Checkmarx · IT - Software Development

Devsecops Engineer

India, Pune · Job Posted June 15, 2026
Apply Position
Job Link Share

Job Description

Checkmarx is seeking a talented DevSecOps Engineer to join our growing Checkmarx One™ Platform Engineering DevOps group. Checkmarx One™ is our flagship unified Application Security Platform, developed with the most cutting-edge cloud native technologies, and deployed in multi-cloud and on-premises environments.

Job Responsibility

  • Design, implement, and automate secure, scalable infrastructure for Checkmarx One™ environments, ensuring scale, high availability and compliance with FedRAMP requirements
  • Develop and maintain CI/CD pipelines with a focus on secure software supply chain practices (e.g., SBOMs, signing, verification)
  • Harden Kubernetes-based deployments by building and enforcing security controls using Kubernetes Operator Framework, Network Policies, and Pod Security Standards
  • Integrate and manage observability and security monitoring tools, such as Fluent Bit, ELK, Grafana, Prometheus, and cloud-native security tooling (e.g., AWS GuardDuty, Inspector)
  • Collaborate with application security, product engineering, and compliance teams to define and enforce DevSecOps best practices
  • Conduct threat modeling and risk assessments of infrastructure changes and implement remediation strategies as needed
  • Lead the adoption of secure-by-default templates infrastructure-as-code (AWS CDK, Terraform, etc.) reusable automation
  • Assist in evidence collection and environment preparation for FedRAMP audits and continuous monitoring

Requirements

  • 3-5 years of experience as a DevOps, Site Reliability, or Platform Engineer with a strong focus on security (DevSecOps)
  • In-depth experience securing production environments on AWS (or other major clouds) using least privilege, identity federation, VPC security, etc.
  • Proven expertise with Kubernetes and the Operator Framework, including workload security hardening, admission controllers, and custom operators
  • Strong knowledge of CI/CD and infrastructure-as-code tools such as Jenkins, GitHub Actions, CircleCI, AWS CDK, or Terraform
  • Experience building and managing secure containerized environments using Docker, Helm, and Argo CD
  • Proficiency in at least one programming or scripting language (Python, Bash, or Go) with emphasis on automation and secure coding
  • Familiarity with compliance frameworks such as FedRAMP, SOC 2, or ISO 27001, and how they apply to cloud-native architectures
  • Experience integrating security observability and logging systems (e.g., Fluent Bit, ELK, Prometheus, AWS CloudTrail)
  • Strong analytical and problem-solving skills with a security-first mindset

What we offer

What we have to offer

Checkmarx - All Job Offers

Looking for more opportunities?

Search for other job offers that match your skills and interests.

Suggested Tags: Frontend Developer Secretary Talent Manager Salesforce Administrator Data Analyst
Similar Jobs for

Devsecops Engineer

8 matching positions

New

Devsecops Engineer

The DevSecOps Engineer is responsible for architecting, implementing, and mainta...
Location
Location
United States , Bethesda
Salary
Salary:
65592.00 - 136650.00 USD / Year
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Computer, Electrical, or Electronics Engineering, or Mathematics with a concentration in computer science or equivalent
  • Minimum 3 years of experience with cybersecurity engineering
  • Must be US citizen with the ability to obtain a Secret Clearance
Job Responsibility
Job Responsibility
  • Design, implement, and maintain secure CI/CD pipelines and DevSecOps automation for cloud, edge, and data environments
  • Integrate security controls, automated compliance checks, and vulnerability scanning into all stages of the software development lifecycle
  • Develop and maintain infrastructure as code (IaC) for AWS GovCloud, IoT gateways, and supporting systems
  • Implement and enforce secure configuration baselines, access controls, and monitoring for all client components
  • Support continuous monitoring, incident response, and vulnerability management in compliance with DoD RMF, IL4, and FedRAMP requirements
  • Collaborate with software, infrastructure, and security teams to ensure secure deployment and operation of solutions
  • Maintain comprehensive documentation for DevSecOps processes, security controls, and compliance artifacts
  • Support audit, ATO, and risk management processes, including evidence collection and remediation of findings
  • Provide technical support for user acceptance testing, deployment, and ongoing operations of client environments
  • Participate in security assessments, code reviews, and compliance audits as required by contract and SOW
What we offer
What we offer
  • Medical, dental, and vision insurance with an employer contribution
  • Flexible spending or health savings account
  • Life and AD&D insurance
  • Short and long term disability coverage
  • Paid time off
  • Employee assistance
  • Participation in a 401k program with company match
  • Additional voluntary or legally-required benefits
  • Fulltime
Read More
Arrow Right
New

DevSecOps Engineer

We are looking for a DevSecOps Engineer to support secure software delivery in a...
Location
Location
United States , Palo Alto
Salary
Salary:
Not provided
https://www.roberthalf.com Logo
Robert Half
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in DevSecOps or security engineering within a SaaS environment
  • Hands-on knowledge of Wiz, including the ability to interpret results and triage security findings effectively
  • Strong familiarity with CI/CD platforms, especially GitHub and CircleCI
  • Practical scripting or coding ability to automate controls and streamline security workflows
  • Experience reviewing vulnerability reports, bug bounty submissions, or similar external security findings
  • Understanding of secure software delivery practices across development, testing, and production stages
  • Working knowledge of Azure Active Directory and its role in enterprise environments
Job Responsibility
Job Responsibility
  • Integrate security practices into development and release processes to promote safer, more reliable software delivery across the engineering lifecycle
  • Review and assess findings generated through Wiz, determining priority, business impact, and appropriate remediation paths
  • Partner with engineering teams to improve security controls within CI/CD workflows, with primary emphasis on GitHub and CircleCI pipelines
  • Create and maintain scripts or lightweight code solutions that automate security checks and connect tools with existing development processes
  • Evaluate vulnerability disclosures and bug bounty submissions, validating reports and identifying severity to support timely response efforts
  • Monitor secure code delivery activities from initial commit through production deployment, helping reduce risk at each stage of the pipeline
  • Act as the primary individual contributor for this function, driving day-to-day execution and advancing DevSecOps practices across the environment
What we offer
What we offer
  • medical
  • vision
  • dental
  • life and disability insurance
  • 401(k) plan
  • Fulltime
Read More
Arrow Right

Devsecops Engineer

As a DevSecOps Engineer, you will be the link between development, operations, a...
Location
Location
Argentina , Buenos Aires
Salary
Salary:
Not provided
valtech.com Logo
Valtech
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in Security Engineering, or DevSecOps, preferably in large-scale, customer-facing platforms
  • Deep expertise in automation, cloud-native security, and CI/CD
  • Strong communication skills
  • Comfortable working in global and multicultural teams
  • You have led DevSecOps initiatives in enterprise or high-traffic production environments
  • Strong experience with cloud security (Mostly Azure)
  • Proficient in CI/CD tooling
  • Advanced knowledge of container security and orchestration (Docker, Kubernetes, AKS)
  • Hands-on experience with security scanning tools (Snyk, SonarQube, Trivy, Aqua, Prisma, Checkov, etc.)
  • Implemented monitoring and observability solutions with a security lens (New Relic, Prometheus, Grafana, ELK)
Job Responsibility
Job Responsibility
  • Define and implement enterprise-wide DevSecOps standards, patterns, and guardrails
  • Design and build security automation mechanisms such as secure CI/CD pipelines with integrated SAST, DAST, SCA, IaC scanning, and container security
  • Design and Implement cloud-native security tooling and platforms
  • Lead security reviews, audits and threat modeling for high-impact platforms and projects
  • Guide teams and promote security awareness on secure coding, vulnerability remediation, and cloud security best practices, acting as a Security Subject Matter Expert
  • Automate compliance and governance requirements at scale
  • Participate in and lead security incident lifecycle, including RCA, remediation, postmortem analysis, and resilience improvements
  • Mentor and coach DevOps/DevSecOps engineers across teams
  • Advocate for and implement practices to reduce toil and scale security automation
  • Define and/or conduct regular vulnerability assessments and manage remediation efforts
What we offer
What we offer
  • Flexibility, with remote and hybrid work options
  • Career advancement, with international mobility and professional development programs
  • Learning and development, with access to cutting-edge tools, training and industry experts
  • Fulltime
Read More
Arrow Right

Devsecops Engineer

We are seeking a proactive and detail-oriented IT Support Specialist to join our...
Location
Location
United States , San Francisco Bay Area
Salary
Salary:
150000.00 - 200000.00 USD / Year
arize.com Logo
Arize
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in IT support or systems administration in a Mac-only, remote-first environment
  • Hands-on experience with: Google Workspaces admin console & SSO
  • Office 365 suite
  • Zoom admin controls
  • Atlassian (Jira, Confluence)
  • GitHub (user access, integrations, permissions)
  • Kandji or similar MDM solutions
  • Bitdefender or similar endpoint protection tools
  • Scripting or programming language
  • Familiarity with compliance frameworks: SOC 2 Type 2, ISO 27001, PCI DSS
Job Responsibility
Job Responsibility
  • Provide Tier 1 and Tier 2 support for a fully remote workforce using MacBooks exclusively
  • Manage and support user accounts, access provisioning, and integrations across Google Workspaces, Office 365, Zoom, Atlassian tools, GitHub
  • Administer and enforce device security and compliance policies through Kandji MDM and Bitdefender
  • Handle troubleshooting of hardware, software, VPN (OpenVPN), and cloud service issues
  • Maintain and document standard operating procedures for IT systems and user support
  • Support audits and evidence gathering for ISO 27001, SOC 2 Type II, and PCI DSS compliance
  • Assist in responding to security questionnaires from prospects and partners as part of the sales process
  • Monitor system logs and alerts to detect and remediate potential threats
  • Ensure compliance with identity and access management protocols across all integrated platforms
  • Assist in tracking and reporting IT and security metrics for internal review and audits
What we offer
What we offer
  • Medical, dental, vision
  • 401(k) plan
  • Unlimited paid time off
  • Generous parental leave plan
  • Mental and wellness support
  • WFH monthly stipend
  • Fulltime
Read More
Arrow Right

Devsecops Engineer

Yotpo is leading the next era of trust and loyalty in eCommerce. With AI-powered...
Location
Location
Bulgaria , Sofia
Salary
Salary:
Not provided
yotpo.com Logo
Yotpo
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of hands-on experience as Cloud Security Engineer, DevSecOps, or similar roles within an AWS environment
  • Expertise in managing cloud security controls (IAM, Security Groups/ACLs, WAF, IDS/IPS, load balancing, proxies, VMs, serverless)
  • Experience securing Kubernetes and containerized workloads
  • Proficiency with Python/Bash scripting and automation
  • Experience with Infrastructure-as-Code (IaC), preferably Terraform, and CI/CD tooling (e.g., GitHub Actions)
  • Strong communication skills to influence and guide teams as a cloud security SME
  • Excellent problem-solving skills for high-complexity environments
  • Excellent written and verbal English
Job Responsibility
Job Responsibility
  • Serve as Cloud Security Subject Matter Expert (SME), actively supporting R&D and product teams in developing secure solutions
  • Design secure cloud architectures and implement practical, automated, and scalable controls across services in partnership with DevOps, R&D, and Product teams
  • Continuously assess cloud security posture, identifying gaps and opportunities to reduce risk and adopt best practices
  • Implement, mature, and automate end-to-end cloud security controls across AWS, Kubernetes, CI/CD pipelines, and self-managed systems
  • Lead and improve vulnerability management workflows
  • communicate vulnerabilities and mitigation strategies to stakeholders, balancing business agility and security
  • Own the full lifecycle of security initiatives from proof of concept (POC) and design to deployment and operation while promoting a security-first mindset
  • Maintain and develop the team knowledge base
  • Stay curious and enjoy working with modern security tools and technologies
What we offer
What we offer
  • 25 days paid vacation with add-ons for loyalty
  • regular team buildings and celebrations in and outside the country
  • Additional health insurance package
  • Internal mobility program and refer-a-friend program
  • Managing a fixed monthly budget for social benefits thru Re:Benefit – a flexible online benefits solution
  • Food vouchers
  • E-learning portals and knowledge sharing sessions
  • Company backed Hackathons, Tech conferences, workshops events, etc
  • Stocked kitchen and bar
  • Equity in options
  • Fulltime
Read More
Arrow Right

DevSecOps Engineer

Our client, is seeking an experienced DevSecOps Engineer to support a major fede...
Location
Location
Canada , Ottawa
Salary
Salary:
Not provided
myticas.com Logo
Myticas Consulting
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 5 years (within the past 10 years) experience as an Enterprise DevSecOps Engineer
  • At least 2 years supporting Public Sector clients
  • 5 years (within the past 15 years) delivering DevSecOps services on ServiceNow implementation projects
  • Valid security certification/designation, such as: CISSP, CISM (preferred) SSCP, CASP+, CySA+, Security+, or equivalent
Job Responsibility
Job Responsibility
  • Install, configure, test, and maintain operating systems, application software, and system tools
  • Define and manage security, backup, and redundancy strategies
  • Conduct security risk assessments aligned to solution architecture and threat landscape
  • Automate and enforce security controls within DevSecOps pipelines
  • Monitor system performance, logs, and processes
  • identify and resolve bottlenecks
  • Participate in incident management and security operations
  • Analyze, resolve, and monitor security incidents and vulnerabilities
  • Collaborate with Solution Architects on data architecture, standards, and governance
  • Design data models, interfaces, and integration patterns across systems
Read More
Arrow Right

Devsecops Engineer

QTEC Aerospace is seeking a DEVSECOPS ENGINEER to join our team of professionals...
Location
Location
United States , Huntsville
Salary
Salary:
Not provided
qtecinc.com Logo
QTEC Aerospace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor's degree in Computer Science, Software Engineering, Computer Programming, Information Technology, Mathematics, Physics, or a related field from an accredited university, along with at least 2 years of experience
  • or a Master's degree in a related field
  • or 6 years of relevant work experience may be considered as an alternative to a degree
  • DoD 8140 certification at IAT Level II or higher (such as Security+ CE, CCNA-Security, CySA+, CND, etc.)
  • Must have taken Information Technology or software development courses, and/or formal education/certification courses within the Information Technology, DevSecOps, or Software Development disciplines
  • Must possess strong communication abilities, along with excellent writing and presentation skills
  • Must be able to work independently/solo on large projects at times, and at other times be in a collaborative team environment with other DevSecOps engineers and other program development and deployment teams.
  • Excellent verbal and written communication skills, including ability to collaborate with cross-functional teams, and prepare and brief presentations to the customer as needed.
  • Self-motivated and customer-oriented
  • Candidates must currently have and be able to maintain a minimum DoD SECRET level security clearance.
Job Responsibility
Job Responsibility
  • Infrastructure-as-Code (IaC) Support
  • Assist in writing and updating Ansible playbooks, Packer images, and Python scripts for Windows and Linux hosts
  • Ensure all code is committed to Git and adheres to basic security guidelines
  • Automation Pipeline Assistance
  • Help build CI/CD jobs that provision, harden, and configure systems
  • Add basic automated tests, vulnerability scans, and compliance checks under the guidance of senior engineers
  • STIG Baseline Automation
  • Contribute reusable Ansible roles and simple Python utilities that apply DoD STIGs
  • Track compliance drift and raise tickets for remediation
  • Configuration Management
  • Fulltime
Read More
Arrow Right

DevSecOps Engineer

We are currently seeking a DevSecOps Engineer to join our team. If you have a pa...
Location
Location
Salary
Salary:
Not provided
deel.com Logo
Deel
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 3+ years in Security, SecOps, or DevSecOps roles
  • Hands-on experience creating, identifying and fixing infrastructure misconfigurations using policy-as-code and IaC security scanning tools such as Checkov, tfsec, or Terrascan
  • Basic programming skills in JavaScript, TypeScript, Python
  • experience with version control (e.g., Git) and CI/CD pipelines
  • Manage and tune WAF and firewall configurations (e.g., Cloudflare or equivalent) to protect
  • Familiarity with security principles, standards, and best practices, including common vulnerabilities (e.g., OWASP Top 10), secure coding, encryption, authentication, access control, and security testing
  • Proficiency in methodologies and tools, including understanding CI/CD pipelines, infrastructure automation (e.g., Docker, Kubernetes), configuration management, and monitoring/observability
  • Ability to assess risks and apply security controls, encompassing an understanding of threat modeling, risk assessment techniques, vulnerability management, and incident response planning
  • Effective collaboration with cross-functional teams (developers, security, operations), promoting security practices, and integrating security seamlessly into the development process
  • Proficiency in automation tools
Job Responsibility
Job Responsibility
  • Security Automation: Develop and maintain automated security tools and processes to identify vulnerabilities, perform code analysis,monitor systems and conduct security testing. This includes integrating security scanners, static code analysis tools, and vulnerability assessment tools into the CI/CD pipeline
  • Secure Infrastructure: Work with infrastructure and operations teams to design and implement secure cloud infrastructure, network architecture, and deployment processes. This involves ensuring proper access controls, encryption, and monitoring are in place
  • Continuous Monitoring: Implement security monitoring tools and processes to proactively identify and respond to security events and anomalies. This includes log analysis, intrusion detection, and system monitoring
  • Collaboration and Communication: Foster collaboration and communication between development, operations, and security teams. Act as a liaison to ensure that security requirements are understood and integrated into the development process
  • Compliance and Auditing: Assist in compliance assessments and audits to ensure adherence to regulatory requirements and industry standards. Collaborate with auditors and provide necessary documentation and evidence of security controls
What we offer
What we offer
  • Stock grant opportunities dependent on your role, employment status and location
  • Additional perks and benefits based on your employment status and country
  • The flexibility of remote work, including optional WeWork access
  • Fulltime
Read More
Arrow Right