CrawlJobs Logo

SDLC Security Operations Engineer (DevSecOps)

northbaysolutions.com Logo

NorthBay

Location Icon

Location:
India

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for a hands-on SDLC Security Operations Engineer to embed security controls into CI/CD pipelines and engineering workflows for a larger enterprise customer in the UAE. This role focuses on operationalizing DevSecOps integrating scanning tools, enforcing pipeline guardrails, reducing security debt, and ensuring SDLC controls align with ISO 27001, SOC 2, PIC/DSS etc.

Job Responsibility:

  • Integrate and operate security controls across CI/CD pipelines using GitHub, GitLab, Azure DevOps, and Jenkins
  • Implement and manage SAST/DAST, dependency scanning, secret scanning, and pipeline security gates (build-time enforcement)
  • Establish secure build and release practices: artifact integrity, signing/verification, and controlled promotions across environments
  • Implement secure secrets management practices and prevent credential leakage in repos and pipelines
  • Drive remediation workflows with developers: triage findings, validate fixes, reduce false positives, and improve rule tuning
  • Embed security checks for infrastructure-as-code and configuration where applicable
  • ensure consistent secure-by-default patterns
  • Support secure SDLC documentation, control mapping, and audit evidence for ISO 27001, SOC 2, etc. (policies, logs, approvals, attestations)
  • Contribute to developer enablement via secure coding guidance, playbooks, and integration patterns that reduce friction

Requirements:

  • 7–9 years of experience in DevSecOps / Application Security Engineering / SDLC Security Operations
  • Strong hands-on experience with CI/CD tools: GitHub, GitLab, Azure DevOps, Jenkins
  • Hands-on experience operating AppSec tooling: SAST/DAST and software supply chain controls (dependency risk management)
  • Strong understanding of secure SDLC concepts (threat modeling basics, security testing, release governance)
  • Ability to collaborate deeply with engineering teams and translate findings into actionable fixes
  • Familiarity with Linux-based build environments and common developer workflows

Nice to have:

  • Experience in telecom, government or regulated environments with audit-driven SDLC controls
  • Exposure to container security, artifact repositories, and release governance patterns
  • Automation skills (Python/Bash) to streamline scanning, reporting, and control enforcement

Additional Information:

Job Posted:
January 20, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
NorthBay - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for SDLC Security Operations Engineer (DevSecOps)

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
highspot.com Logo
Highspot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings and strategic decisions in a clear and accessible manner, and procedural enhancements
  • significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

We’re looking for a Staff Product Security Engineer to lead the design and imple...
Location
Location
United States
Salary
Salary:
184000.00 - 252000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in product, application, or cloud security engineering
  • Deep understanding of secure SDLC, threat modeling, and secure architecture design
  • Proven expertise with AWS cloud security concepts and best practices
  • Strong experience with container security, orchestration, and runtime protection
  • Proficiency in Python, Java, and/or JavaScript for security automation, code review, and tooling
  • Experience securing AI/ML pipelines, data workflows, or model-serving infrastructure
  • Familiarity with DevSecOps and continuous integration/deployment environments
Job Responsibility
Job Responsibility
  • Embed robust security practices throughout the software and AI development lifecycle (SDLC)
  • Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services
  • Partner with engineering and product teams to ensure security, privacy, and compliance by design
  • Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows
  • Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments
  • Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft
  • Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act
  • Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations
  • Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management
  • Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus, equity, and a generous benefits program
  • Fulltime
Read More
Arrow Right

SDLC Security Operations Engineer (DevSecOps)

We are looking for a hands-on SDLC Security Operations Engineer to embed securit...
Location
Location
Pakistan
Salary
Salary:
Not provided
northbaysolutions.com Logo
NorthBay
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7–9 years of experience in DevSecOps / Application Security Engineering / SDLC Security Operations
  • Strong hands-on experience with CI/CD tools: GitHub, GitLab, Azure DevOps, Jenkins
  • Hands-on experience operating AppSec tooling: SAST/DAST and software supply chain controls (dependency risk management)
  • Strong understanding of secure SDLC concepts (threat modeling basics, security testing, release governance)
  • Ability to collaborate deeply with engineering teams and translate findings into actionable fixes
  • Familiarity with Linux-based build environments and common developer workflows
Job Responsibility
Job Responsibility
  • Integrate and operate security controls across CI/CD pipelines using GitHub, GitLab, Azure DevOps, and Jenkins
  • Implement and manage SAST/DAST, dependency scanning, secret scanning, and pipeline security gates (build-time enforcement)
  • Establish secure build and release practices: artifact integrity, signing/verification, and controlled promotions across environments
  • Implement secure secrets management practices and prevent credential leakage in repos and pipelines
  • Drive remediation workflows with developers: triage findings, validate fixes, reduce false positives, and improve rule tuning
  • Embed security checks for infrastructure-as-code and configuration where applicable
  • ensure consistent secure-by-default patterns
  • Support secure SDLC documentation, control mapping, and audit evidence for ISO 27001, SOC 2, etc. (policies, logs, approvals, attestations)
  • Contribute to developer enablement via secure coding guidance, playbooks, and integration patterns that reduce friction
  • Fulltime
Read More
Arrow Right

Senior Director, Security Engineering

At Modus Create, we help organizations build modern platforms and products with ...
Location
Location
United States of America
Salary
Salary:
Not provided
moduscreate.com Logo
Modus Create
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years in security, software, or systems engineering roles
  • 7+ years leading senior security engineers, managers, or Directors—ideally in global, distributed, or consulting environments
  • Hands-on experience with modern security engineering across application, cloud, and platform environments, including secure SDLC, CI/CD security, infrastructure-as-code, and threat modeling
  • Proven success supporting pre-sales, solutioning, and growing security-led engagements within enterprise or mid-market accounts
  • Demonstrated ability to build scalable security practices, uplift team capabilities, and develop high-performing, inclusive security engineering teams
  • Strong empathy for client risk, constraints, and delivery realities, with the ability to translate security needs into pragmatic, measurable outcomes
  • Effective across technical, executive, and cross-functional settings, with the ability to clearly articulate risk, tradeoffs, and recommendations to diverse stakeholders
  • Technical Skills: secure-by-design systems, threat modeling, risk assessment, vulnerability management, penetration testing, incident readiness and remediation
  • Cloud & Infrastructure Security: cloud security architecture, multi-account strategy, IAM, network security, shared services, secure landing zones
  • Application Security: secure SDLC, code review practices, dependency and supply-chain security, secrets management, configuration hardening
Job Responsibility
Job Responsibility
  • Embed Security into Modern Delivery: Integrate security into development workflows, CI/CD pipelines, and infrastructure-as-code
  • Drive shift-left security practices in partnership with platform and product teams
  • Ensure security tooling and controls enable delivery velocity rather than block it
  • Promote secure-by-design patterns across cloud-native and platform environments
  • Deliver Trusted, Secure Systems: Lead threat modeling, vulnerability management, and remediation planning across engagements
  • Guide incident readiness, root cause analysis, and systemic risk reduction
  • Ensure security risks are clearly articulated, prioritized, and addressed
  • Balance short-term delivery needs with long-term security posture
  • Lead & Grow Security Teams: Lead, mentor, and develop Directors and senior security practitioners
  • Set clear expectations around ownership, quality, and professional growth
What we offer
What we offer
  • Remote work with flexible working hours
  • Modus Global Office Program: on-demand access to private offices, meeting rooms, coworking spaces and business lounges in locations in over 120 countries
  • Employee Referral Program
  • Client Referral Program
  • Travel according to client or team needs
  • The chance to work side-by-side with thought leaders in emerging tech
  • Fulltime
Read More
Arrow Right

Security Engineer II

In this role, you’ll partner with other technology teams to design and implement...
Location
Location
United States
Salary
Salary:
160000.00 - 185000.00 USD / Year
humaninterest.com Logo
Human Interest
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 2 years in a security focused engineering role
  • Minimum 5 years in software engineering role
  • Proficient coding ability in at least one modern programming language. E.g.Typescript/Javascript, Ruby, Java, Python, Golang
  • Practical experience securing cloud environments
  • Strong communication skills: you can easily discuss complex technical concepts with both engineers and non-engineers
  • Strong ownership and bias for action: You love to roll up your sleeves. You are proactive, drive projects from start to finish, and lead cross-functional projects, while keeping stakeholders informed
  • Leader and Mentor: You are a recognized leader in your areas of responsibility, and enjoy sharing knowledge and mentoring others
  • Operational Excellence: you raise the bar on the quality of the software and infrastructure that you work on
Job Responsibility
Job Responsibility
  • Build practical controls to improve the effectiveness and robustness of our engineering team
  • Foster a DevSecOps culture through education, automation, and tooling
  • Secure our SDLC process through automation
  • Implement checks in pipeline
  • Perform security reviews of application code
  • Take part in team on call rotation for security events and monitoring alerts
  • Advocate and educate security best practices
  • Create tooling and automation to efficiently respond to security events
  • Partner with stakeholders to respond and mitigate security threats
What we offer
What we offer
  • A great 401(k) plan: Our own! Our 401(k) includes a dollar-for-dollar employer match up to 4% of compensation (immediately vested) and $0 plan fees
  • Top-of-the-line health plans, as well as dental and vision insurance
  • Competitive time off and parental leave
  • Addition Wealth: Unlimited access to digital tools, financial professionals, and a knowledge center to help you understand your equity and support your financial wellness
  • Lyra: Enhanced Mental Health Support for Employees and dependents
  • Carrot: Fertility healthcare and family forming benefits
  • Candidly: Student loan resource to help you and your family plan, borrow, and repay student debt
  • Monthly work-from-home stipend
  • quarterly lifestyle stipend
  • Engaging team-building experiences, ranging from virtual social events to team offsites, promoting collaboration and camaraderie
  • Fulltime
Read More
Arrow Right

Application Security Engineer

Zuora’s Application Security & Security Engineering team partners closely with e...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
zuora.com Logo
Zuora
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in application security, software development, or a related engineering role
  • Strong understanding of secure software development practices, including experience working with developers to embed security into the SDLC
  • Hands-on experience conducting security design reviews, threat modeling, and code reviews for web and cloud-based applications
  • Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and experience in identifying and remediating them
  • Experience working with security tools such as SAST, DAST, SCA, and container security scanners
  • Ability to communicate security concepts effectively to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling
  • Contribute hands-on to critical engineering and tooling projects, working closely with technical leads and product owners to ensure security is a key part of successful project outcomes
  • Mentor engineers and influence architectural decisions to ensure security is embedded by design
  • Design and develop reusable, flexible security components and APIs to support scalable, secure application development across the company
  • Define and promote best practices to ensure software security without compromising functionality, usability, reliability, or availability
  • Participate in design and code reviews, providing actionable security recommendations as needed
  • Collaborate with project teams to design and prototype secure solutions, validating key assumptions and security objectives
  • Evaluate, implement, and support a range of security tools to improve visibility and reduce risk
  • Build strong relationships and communicate effectively with stakeholders throughout the SDLC, including Product, Engineering, and Operations teams
What we offer
What we offer
  • Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
  • Medical, dental and vision insurance
  • Generous, flexible time off
  • Paid holidays, “wellness” days and company wide end of year break
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing
Read More
Arrow Right

Application Security Engineer II

Zuora’s Application Security & Security Engineering team partners closely with e...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
zuora.com Logo
Zuora
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in application security, software development, or a related engineering role
  • Strong understanding of secure software development practices, including experience working with developers to embed security into the SDLC
  • Hands-on experience conducting security design reviews, threat modeling, and code reviews for web and cloud-based applications
  • Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and experience in identifying and remediating them
  • Experience working with security tools such as SAST, DAST, SCA, and container security scanners
  • Ability to communicate security concepts effectively to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling
  • Contribute hands-on to critical engineering and tooling projects, working closely with technical leads and product owners to ensure security is a key part of successful project outcomes
  • Mentor engineers and influence architectural decisions to ensure security is embedded by design
  • Design and develop reusable, flexible security components and APIs to support scalable, secure application development across the company
  • Define and promote best practices to ensure software security without compromising functionality, usability, reliability, or availability
  • Participate in design and code reviews, providing actionable security recommendations as needed
  • Collaborate with project teams to design and prototype secure solutions, validating key assumptions and security objectives
  • Evaluate, implement, and support a range of security tools to improve visibility and reduce risk
  • Build strong relationships and communicate effectively with stakeholders throughout the SDLC, including Product, Engineering, and Operations teams
What we offer
What we offer
  • Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
  • Medical, dental and vision insurance
  • Generous, flexible time off
  • Paid holidays, “wellness” days and company wide end of year break
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing
Read More
Arrow Right

Staff Platform Security Engineer

Fivetran is building data pipelines to power the modern data stack for thousands...
Location
Location
United States , Denver
Salary
Salary:
171389.00 - 214236.00 USD / Year
fivetran.com Logo
Fivetran
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Application Security Expertise: Deep expertise in identifying and mitigating security vulnerabilities within applications (e.g., OWASP Top 10), particularly in Java codebases
  • Secure SDLC: Extensive experience integrating security into the software development lifecycle, from design and code review to testing and deployment
  • Java Proficiency: Senior-level experience with Java codebases: building, running, profiling, and optimizing Java applications in secure environments
  • Container Security: Strong experience with Docker image creation, optimization, and vulnerability mitigation, specifically for applications
  • CI/CD & Automation: Proficiency with CI/CD tools (e.g., Jenkins, GitLab CI, GitHub Actions) and experience integrating security tools into automated pipelines
  • Tooling Familiarity: Familiarity with a range of security tools for CI/CD security, static analysis (SAST), dynamic analysis (DAST), dependency analysis (SCA), and secrets management
  • Adversarial AI & Defense: Familiarity with modern attack techniques, offensive security methodologies, and defense strategies, including OWASP Top 10 for LLMs (e.g., Prompt Injection, Data Poisoning, and Model Inversion)
  • Scripting: Proficiency in scripting or programming languages (e.g., Bash, Python, Go) to automate security processes and tool integration
  • Problem-Solving: Excellent problem-solving and troubleshooting skills, with the ability to work independently in fast-paced environments
  • Communication: Strong communication skills with the ability to effectively collaborate with and educate engineering teams on security principles and best practices
Job Responsibility
Job Responsibility
  • Collaborate with engineering teams to integrate and manage security tooling within the SDLC, strategically automating security checks and feedback loops to enhance efficiency and security posture
  • Perform vulnerability scanning and participate in penetration testing exercises, automating scanning processes judiciously to identify common weaknesses, while reserving manual efforts for complex and nuanced assessments. Report findings and assist with remediation efforts
  • Develop and maintain automation scripts and infrastructure-as-code for security checks related to machine configurations, container images, IAM policies, firewall rules, and cloud storage policies
  • Implement and configure security controls within enterprise applications based on security best practices and architectural guidance
  • Contribute to threat modeling efforts by providing technical insights and implementing identified security controls
  • Work directly with engineering teams to troubleshoot and resolve security challenges across the stack while promoting a security-first mindset, identifying and automating recurring troubleshooting steps or remediation processes where it significantly improves response times and reduces manual intervention
  • Implement and operationalize security solutions for cloud-native and hybrid infrastructure based on architectural guidelines
  • Collaborate with infrastructure and cloud security teams to implement and maintain security controls across the entire technology stack, strategically prioritizing automation for consistent enforcement, monitoring, and alerting to improve overall security and reduce manual overhead
  • Implement and manage security assessment tools, including vulnerability scanners, SIEM agents, DLP endpoints, and EDR sensors
  • Participate in security assessment reviews by providing practical implementation feedback and identifying potential operational challenges
What we offer
What we offer
  • 100% employer-paid medical insurance*
  • Generous paid time-off policy (PTO), plus paid sick time, inclusive parental leave policy, holidays, and volunteer days off
  • RSU stock grants*
  • Professional development and training opportunities
  • Company virtual happy hours, free food, and fun team-building activities
  • Monthly cell phone stipend
  • Access to an innovative mental health support platform that offers personalized care and resources in areas such as: therapy, coaching, and self-guided mindfulness exercises for all covered employees and their covered dependents
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy