CrawlJobs Logo

SDLC Security Operations Engineer (DevSecOps)

northbaysolutions.com Logo

NorthBay

Location Icon

Location:
India

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for a hands-on SDLC Security Operations Engineer to embed security controls into CI/CD pipelines and engineering workflows for a larger enterprise customer in the UAE. This role focuses on operationalizing DevSecOps integrating scanning tools, enforcing pipeline guardrails, reducing security debt, and ensuring SDLC controls align with ISO 27001, SOC 2, PIC/DSS etc.

Job Responsibility:

  • Integrate and operate security controls across CI/CD pipelines using GitHub, GitLab, Azure DevOps, and Jenkins
  • Implement and manage SAST/DAST, dependency scanning, secret scanning, and pipeline security gates (build-time enforcement)
  • Establish secure build and release practices: artifact integrity, signing/verification, and controlled promotions across environments
  • Implement secure secrets management practices and prevent credential leakage in repos and pipelines
  • Drive remediation workflows with developers: triage findings, validate fixes, reduce false positives, and improve rule tuning
  • Embed security checks for infrastructure-as-code and configuration where applicable
  • ensure consistent secure-by-default patterns
  • Support secure SDLC documentation, control mapping, and audit evidence for ISO 27001, SOC 2, etc. (policies, logs, approvals, attestations)
  • Contribute to developer enablement via secure coding guidance, playbooks, and integration patterns that reduce friction

Requirements:

  • 7–9 years of experience in DevSecOps / Application Security Engineering / SDLC Security Operations
  • Strong hands-on experience with CI/CD tools: GitHub, GitLab, Azure DevOps, Jenkins
  • Hands-on experience operating AppSec tooling: SAST/DAST and software supply chain controls (dependency risk management)
  • Strong understanding of secure SDLC concepts (threat modeling basics, security testing, release governance)
  • Ability to collaborate deeply with engineering teams and translate findings into actionable fixes
  • Familiarity with Linux-based build environments and common developer workflows

Nice to have:

  • Experience in telecom, government or regulated environments with audit-driven SDLC controls
  • Exposure to container security, artifact repositories, and release governance patterns
  • Automation skills (Python/Bash) to streamline scanning, reporting, and control enforcement

Additional Information:

Job Posted:
January 20, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
NorthBay - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for SDLC Security Operations Engineer (DevSecOps)

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
highspot.com Logo
Highspot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings and strategic decisions in a clear and accessible manner, and procedural enhancements
  • significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

We’re looking for a Staff Product Security Engineer to lead the design and imple...
Location
Location
United States
Salary
Salary:
184000.00 - 252000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in product, application, or cloud security engineering
  • Deep understanding of secure SDLC, threat modeling, and secure architecture design
  • Proven expertise with AWS cloud security concepts and best practices
  • Strong experience with container security, orchestration, and runtime protection
  • Proficiency in Python, Java, and/or JavaScript for security automation, code review, and tooling
  • Experience securing AI/ML pipelines, data workflows, or model-serving infrastructure
  • Familiarity with DevSecOps and continuous integration/deployment environments
Job Responsibility
Job Responsibility
  • Embed robust security practices throughout the software and AI development lifecycle (SDLC)
  • Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services
  • Partner with engineering and product teams to ensure security, privacy, and compliance by design
  • Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows
  • Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments
  • Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft
  • Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act
  • Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations
  • Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management
  • Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus, equity, and a generous benefits program
  • Fulltime
Read More
Arrow Right

Application Security Engineer II

In this role, you will support Rackspace's application security program by imple...
Location
Location
India
Salary
Salary:
Not provided
rackspace.com Logo
Rackspace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-4 years in the information security field
  • Experience working with application security, security testing, or DevSecOps practices
  • Working knowledge of the SDLC, security concepts, and vulnerability assessment methodologies
  • Hands-on experience with or understanding of programming and scripting languages including one or more of the following: Python, Java, Node.js, Go, Ruby, PHP
  • databases such as SQL
  • and related tools such as Github, Gitlab, Jenkins, and CircleCI
  • Understanding of common vulnerabilities, remediation approaches, and industry-standard classification schemes (CVE, CWE, CVSS, OWASP Top 10)
  • Familiarity with relevant compliance regulations, such as PCI-DSS, ISO 27001, SOC 2, or HIPAA
  • Passion for security and eagerness to learn about new technologies and emerging security vulnerabilities
  • Strong communication skills with the ability to work collaboratively across teams
Job Responsibility
Job Responsibility
  • Execute application security testing using both automated tools and manual testing techniques on web applications, APIs, containers, and other software components
  • Configure, maintain, and operate SAST, DAST, and other application security testing tools
  • Analyze and triage security findings, documenting clear remediation guidance for development teams
  • Support the vulnerability reporting process and track findings through to resolution
  • Assist with triage and validation of external vulnerability disclosures and bug bounty reports
  • Contribute to the development and documentation of application security processes and standards
  • Participate in security code reviews and threat modeling exercises
  • Help track and report metrics for application security program health
  • Collaborate with development and DevOps teams to integrate security into CI/CD pipelines
  • Stay current with application security trends, tools, and best practices
  • Fulltime
Read More
Arrow Right

Application Security Engineer

Zuora’s Application Security & Security Engineering team partners closely with e...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
zuora.com Logo
Zuora
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in application security, software development, or a related engineering role
  • Strong understanding of secure software development practices, including experience working with developers to embed security into the SDLC
  • Hands-on experience conducting security design reviews, threat modeling, and code reviews for web and cloud-based applications
  • Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and experience in identifying and remediating them
  • Experience working with security tools such as SAST, DAST, SCA, and container security scanners
  • Ability to communicate security concepts effectively to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling
  • Contribute hands-on to critical engineering and tooling projects, working closely with technical leads and product owners to ensure security is a key part of successful project outcomes
  • Mentor engineers and influence architectural decisions to ensure security is embedded by design
  • Design and develop reusable, flexible security components and APIs to support scalable, secure application development across the company
  • Define and promote best practices to ensure software security without compromising functionality, usability, reliability, or availability
  • Participate in design and code reviews, providing actionable security recommendations as needed
  • Collaborate with project teams to design and prototype secure solutions, validating key assumptions and security objectives
  • Evaluate, implement, and support a range of security tools to improve visibility and reduce risk
  • Build strong relationships and communicate effectively with stakeholders throughout the SDLC, including Product, Engineering, and Operations teams
What we offer
What we offer
  • Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
  • Medical, dental and vision insurance
  • Generous, flexible time off
  • Paid holidays, “wellness” days and company wide end of year break
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing
Read More
Arrow Right

Application Security Engineer II

Zuora’s Application Security & Security Engineering team partners closely with e...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
zuora.com Logo
Zuora
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in application security, software development, or a related engineering role
  • Strong understanding of secure software development practices, including experience working with developers to embed security into the SDLC
  • Hands-on experience conducting security design reviews, threat modeling, and code reviews for web and cloud-based applications
  • Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and experience in identifying and remediating them
  • Experience working with security tools such as SAST, DAST, SCA, and container security scanners
  • Ability to communicate security concepts effectively to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling
  • Contribute hands-on to critical engineering and tooling projects, working closely with technical leads and product owners to ensure security is a key part of successful project outcomes
  • Mentor engineers and influence architectural decisions to ensure security is embedded by design
  • Design and develop reusable, flexible security components and APIs to support scalable, secure application development across the company
  • Define and promote best practices to ensure software security without compromising functionality, usability, reliability, or availability
  • Participate in design and code reviews, providing actionable security recommendations as needed
  • Collaborate with project teams to design and prototype secure solutions, validating key assumptions and security objectives
  • Evaluate, implement, and support a range of security tools to improve visibility and reduce risk
  • Build strong relationships and communicate effectively with stakeholders throughout the SDLC, including Product, Engineering, and Operations teams
What we offer
What we offer
  • Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
  • Medical, dental and vision insurance
  • Generous, flexible time off
  • Paid holidays, “wellness” days and company wide end of year break
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing
Read More
Arrow Right

Senior DevOps Engineer

We are seeking a highly skilled Senior DevOps Engineer to help us integrate secu...
Location
Location
United States , Menlo Park
Salary
Salary:
168961.00 - 190081.00 USD / Year
billiontoone.com Logo
BillionToOne
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Engineering, or related field or equivalent relevant years of experience
  • 6–10 years of experience in DevOps, DevSecOps, or related roles
  • Deep expertise with AWS cloud services and cloud-native security tools
  • Proficiency with container orchestration (Kubernetes, Docker)
  • Strong scripting/programming skills (Python, Bash, or Go)
  • Experience with version control tools (Git, Bitbucket, SVN, or CVS)
  • Solid background in Linux and Windows administration, networking, databases, and data center operations
  • Strong understanding of security protocols and secure system design
  • Excellent problem-solving, troubleshooting, and communication abilities—able to clearly and concisely express multifaceted technical concepts
  • Demonstrated ability to work independently with minimal oversight while driving projects to completion
Job Responsibility
Job Responsibility
  • AWS Infrastructure Management: Design, build, and maintain scalable, secure infrastructure on AWS, leveraging services like EC2, ECS/EKS, Lambda, RDS, S3, VPC, IAM, and Route 53
  • Infrastructure as Code (IaC): Automate provisioning and management using Terraform, CloudFormation, or Ansible
  • ensure infrastructure is defined, versioned, and secured according to best practices
  • CI/CD Pipeline Security: Implement and secure continuous integration and deployment pipelines, ensuring security in every stage from development through production
  • Security Integration: Integrate security practices into the development lifecycle—baking in secure coding, vulnerability monitoring, and automated controls across the SDLC
  • Monitoring & Observability: Develop and maintain dashboards and alerts using DataDog, AWS CloudWatch, CloudTrail, GuardDuty, and Config
  • track vulnerabilities, incidents, and system performance
  • Day-to-Day Operations: Support user account management, troubleshooting, and system monitoring to ensure uptime and reliability
  • Collaboration: Partner with development, operations, and security teams to define and enforce security best practices, policies, and procedures
  • Incident Response: Assist with detection, analysis, and response efforts to resolve issues quickly and thoroughly
What we offer
What we offer
  • Working alongside brilliant, kind, passionate and dedicated colleagues, in an empowering environment, toward a global vision, striving for a future in which transformative molecular diagnostics can help millions of patients
  • Open, transparent culture that includes weekly Town Hall meetings
  • The ability to indirectly or directly change the lives of hundreds of thousands patients
  • Multiple medical benefit options
  • employee premiums paid 100% of select plans, dependents covered up to 80%
  • Extremely generous Family Bonding Leave for new parents (16 weeks, paid at 100%)
  • Supplemental fertility benefits coverage
  • Retirement savings program including a 4% Company match
  • Increase paid time off with increased tenure
  • Latest and greatest hardware (laptop, lab equipment, facilities)
  • Fulltime
Read More
Arrow Right

Director, Security

We're seeking a Director of Security to lead our enterprise security transformat...
Location
Location
United States , Sunnyvale
Salary
Salary:
160000.00 - 235000.00 USD / Year
commscope.com Logo
CommScope
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 15+ years in information security with 7+ years leading security teams in enterprise environments
  • Multi-framework compliance expertise including SOC2, NIS2, GovRAMP, PCI-DSS, ISO 27001
  • Strong GCP/AWS cloud security background with Kubernetes and container security experience
  • Linux systems security expertise and automation experience (scripting, infrastructure as code)
  • Network security architecture knowledge, especially enterprise networking and on-premises devices
  • SaaS product security experience with secure SDLC and DevSecOps practices
  • Global team leadership experience managing distributed security organizations
  • Executive communication skills with ability to influence C-level stakeholders and present to boards
  • Experience embedding security engineers within product development teams
Job Responsibility
Job Responsibility
  • Build and lead Security Operations team across global development centers (West Coast US, Taiwan, Bangalore)
  • Drive compliance certifications including SOC2, NIS2, GovRAMP and any other required
  • Establish embedded security model with security engineers per product team reporting to Security organization
  • Own enterprise audit relationships and certification processes across all compliance frameworks
  • Implement comprehensive vulnerability management across nine products with defined SLAs and remediation
  • Build 24/7 Security Operations Center with global coverage and incident response capabilities
  • Lead annual penetration testing program across all products and cloud infrastructure
  • Drive security-by-design practices and secure SDLC integration across development teams
  • Establish threat intelligence program and proactive security monitoring capabilities
  • Enable strategic partnerships by satisfying enterprise security requirements for Fortune 500 customers
What we offer
What we offer
  • Medical, dental, and vision plans
  • Life and accidental death insurance
  • 401(k) plan
  • Participation in the Company’s Incentive Plan
  • Eleven paid holidays in a full calendar year
  • Two weeks of paid vacation
  • Other leave options
  • Fulltime
Read More
Arrow Right

DevSecOps Engineer

You will be part of our infrastructure operations team. You will be responsible ...
Location
Location
Pakistan , Karachi
Salary
Salary:
Not provided
qordata.com Logo
qordata
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • BS Computer Science / Computer Engineering or equivalent
  • Minimum Experience – 2 to 4 years of professional experience in security operation engineer or similar capacity
  • Hands-on experience in operations including network, system, application security
  • Relevant Information Security Certifications
  • Must be aware of secure coding techniques
  • Strong knowledge of security industry standards
  • Knowledge and experience of audit reviews, risk treatment, secure SDLC, vulnerability fixing secure configurations, patch management
  • Knowledge and experience in using computer forensic tools, technologies, and methods
  • Experience with AWS Platform and cloud security
  • Good written and verbal communication skills
Job Responsibility
Job Responsibility
  • Evaluate, select, design, and configure security infrastructure systems in a global environment
  • Implementation of security in Cloud and Local environments
  • Run vulnerability assessment and penetration testing
  • Providing security guidelines to internal teams
  • Implementing the security solutions to ensure pre-emptive measures
  • Building and tracking security metrics
  • Fully engaged in the implementation of a DevOps practices for supporting IT
  • Employ Continuous Integration/Continuous Delivery (CI/CD) methodology to enable automation in building, testing, and deployment of applications
  • Be responsible for the planning, implementation, and growth of the AWS cloud infrastructure
  • Security threat mitigation
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Poland Jobs Ireland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy