CrawlJobs Logo

Application Security DevSecOps Specialist

nttdata.com Logo

NTT DATA

Location Icon

Location:
Romania , Brasov

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

The Application Security DevSecOps Specialist will play a vital role in integrating security into the software development lifecycle. This position requires a bachelor’s degree in Cybersecurity, Computer Science, or Software Engineering, along with 3-5 years of experience in application security engineering. The ideal candidate will have proficiency in multiple programming languages and extensive experience with application security tools. Responsibilities include conducting security assessments, mentoring engineers, and designing security automation within CI/CD workflows.

Job Responsibility:

  • Incorporate security controls and standards into all phases of the software development lifecycle (SDLC)
  • Collaborate with developers to adopt secure coding practices, including OWASP compliance
  • Conduct threat modeling and evaluate design documents to identify security vulnerabilities
  • Establish security requirements and acceptance criteria for application development projects
  • Design and implement security automation within CI/CD workflows using tools for SAST, DAST, IAST, SCA and compliance monitoring
  • Develop custom security testing frameworks compatible with agile and DevSecOps models
  • Conduct infrastructure-as-code (IaC) configuration checks and enforce compliance policies
  • Automate secrets scanning, credential hygiene practices, and dependency vulnerability reviews
  • Execute static (SAST) and dynamic (DAST) application security assessments
  • Perform manual penetration testing and secure code reviews to detect risks
  • Analyze application dependencies and third-party components, ensuring vulnerability remediation
  • Validate security fixes via rigorous regression testing and secure deployment methods
  • Prepare training initiatives for developers on secure coding practices, application security principles, and DevSecOps workflows
  • Create and disseminate security documentation, guidelines, and playbooks for developers and architects
  • Mentor engineers to adopt security-first product development and incident prevention strategies
  • Establish and support developer security champion programmes within agile teams
  • Implement robust security controls for containerized workloads in Docker, Kubernetes, and similar platforms
  • Design and secure API endpoints and microservices architectures
  • Leverage cloud security services on AWS, Azure, or GCP to deliver secure, scalable solutions
  • Advocate for best practices in secret management, repository vaulting, and cloud-native application monitoring

Requirements:

  • Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, or equivalent experience
  • Minimum 3-5 years of experience in application security engineering
  • Familiarity with implementing container security policies and securing high-performance CI/CD development ecosystems
  • Proficiency in multiple programming languages (e.g., Java, Python, JavaScript, Go, .NET)
  • Extensive experience deploying application security tools like SonarQube, Checkmarx, Veracode, OWASP ZAP
  • Expertise in CI/CD tools and platforms (e.g., Jenkins, GitHub Actions, Azure DevOps)
  • Solid understanding of container orchestration technologies (e.g., Kubernetes, Docker)
  • Familiarity with cloud platforms (AWS, Azure, GCP) and IaC assessment tools (Terraform, CloudFormation)
  • Advanced knowledge of the OWASP Top 10 vulnerabilities, secure coding techniques, and cryptographic best practices
  • Proficiency in API security testing and securing microservices
  • Hands-on involvement in framework-based security compliance efforts (ISO 27001, GDPR, SOC 2)
  • Exceptional collaboration and communication abilities when interfacing with software teams
  • Strong problem-solving mindset to balance security priorities in fast-paced DevOps environments
  • Capable of delivering security-focused workshops and team mentoring
  • Must meet UK SC Clearance eligibility guidelines
  • Excellent command of both spoken and written English

Nice to have:

  • Preferred certifications include CSSLP, GWEB, or a Certified DevSecOps Engineer qualification
  • AWS / Azure / GCP Security specialization certifications are advantageous
What we offer:
  • Smooth integration and a supportive mentor
  • Choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or joining our accredited Coaching School
  • Epic parties or themed events

Additional Information:

Job Posted:
January 24, 2026

Work Type:
Remote work
Icon
NTT DATA - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for Application Security DevSecOps Specialist

Specialist DevSecOps Engineer

Join a dynamic, distributed team responsible for maintaining and evolving the De...
Location
Location
United Kingdom , Manchester
Salary
Salary:
Not provided
plus.net Logo
Plusnet
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Strong hands-on experience with AWS cloud services and cloud security best practices
  • Proficient in serverless architecture (Lambda, API Gateway) and containerized applications (ECS, ECR)
  • Experience with AEM release management and Adobe Cloud Service administration (training available if needed)
  • Skilled in Terraform or Pulumi for infrastructure automation
  • Knowledge of monitoring, alerting, and incident management tools (Dynatrace, PagerDuty)
  • Strong experience in CI/CD pipeline management (GitLab, Jenkins, Nexus, SonarQube)
  • Solid understanding of security policies, WAF, Certificate Manager, Cognito, and load balancing
  • Excellent problem-solving, communication, and collaboration skills
  • Willingness to work out-of-hours during release windows
Job Responsibility
Job Responsibility
  • Design, implement, and manage AWS cloud infrastructure (Lambda, API Gateway, CloudFront, DynamoDB, EC2, ECS/ECR, S3, WAF, Certificate Manager, Route53, Cognito, Load Balancers)
  • Ensure security compliance and best practices across all AWS resources
  • Manage AEM releases and Adobe Cloud Service administration
  • Build and maintain Terraform/Pulumi infrastructure-as-code (IaC) scripts for automated deployments
  • Monitor applications and infrastructure using Dynatrace and handle incident response via PagerDuty
  • Administer DevOps and CI/CD tools (GitLab, Jenkins, Nexus, SonarQube) to design and maintain pipelines
  • Develop and deploy end-to-end applications (Node.js, Java) to meet evolving business and technical requirements
  • Collaborate with development, security, and operations teams to deliver high-availability, scalable cloud solutions
  • Support out-of-hours releases, with time in lieu provided
What we offer
What we offer
  • An annual bonus of up to 10% (company & personal performance dependent)
  • BT Pension scheme
  • minimum 5% employee contribution, BT contribution 10%
  • Life Assurance
  • Exclusive colleague discounts on our latest and greatest BT broadband packages
  • 50% off EE mobile pay monthly or SIM only plans and 50% discount for friends and family on EE SIM only plans
  • BT TV, including TNT Sport and the NOW Entertainment membership, and 25% off NOW Sport, Cinema and Kids
  • Great support for working parents including pay whilst on maternity, adoptive, and paternity leave
  • Option to join the Healthcare Cash Plan or other benefits such as dental insurance, gym memberships etc.
  • 25 days annual leave (not including bank holidays), increasing with service
  • Fulltime
Read More
Arrow Right

Senior Information Security Specialist

As a Senior Information Security Specialist, you will play a critical role in sa...
Location
Location
United States , Clarksburg
Salary
Salary:
Not provided
imts.us Logo
Innovative Management & Technology Services
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent professional experience)
  • Minimum 7 years of experience in information security, IT risk management, or cybersecurity compliance, preferably in a federal or state agency environment
  • Demonstrated experience applying and interpreting NIST 800-53, OWASP, and DISA STIGs in real-world projects
  • Strong hands-on technical background in networking, system administration, or software development
  • Proficiency with SIEM tools—especially Splunk—for event correlation, alerting, and compliance reporting
  • Familiarity with Agile development environments and DevSecOps principles
  • Strong written and verbal communication skills, with the ability to create reports and briefings for technical and non-technical stakeholders
  • Active Top Secret clearance is required
  • U.S. Citizenship is required
Job Responsibility
Job Responsibility
  • Lead comprehensive reviews of management, operational, personnel, and technical controls throughout the system development lifecycle (SDLC)
  • Identify and assess emerging security risks, weaknesses, and vulnerabilities associated with infrastructure, applications, and operations
  • Collaborate with developers and engineers to ensure identified risks are mitigated and documented effectively
  • Ensure compliance with federal and industry security standards including NIST SP 800-53, OWASP Top 10, Common Criteria, DISA STIGs, and SANS Institute recommendations
  • Support and contribute to Authorization to Operate (ATO) packages, including preparation of SSPs, POA&Ms, and continuous monitoring (ConMon) artifacts
  • Advise on policy alignment and security architecture improvements to support secure Agile delivery
  • Apply technical knowledge of networking, system administration, and development to assess the security posture of enterprise environments
  • Utilize Splunk to perform audit log analysis, generate system alerts, and support threat hunting and incident response activities
  • Recommend and implement automated logging, monitoring, and security reporting processes
  • Engage proactively with Agile development teams, product owners, and ISSOs to embed security into project planning and delivery
What we offer
What we offer
  • competitive compensation
  • excellent benefits including tuition reimbursement and employer-contributed 401K
  • referral bonuses
  • Fulltime
Read More
Arrow Right

Cyber Security Devsecops Specialist

The DevSecOps Specialist will be crucial in integrating security practices withi...
Location
Location
Congo, the Democratic Republic of the , Kinshasa
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 3-5 years of experience in Cyber Security
  • Bachelor's degree in computer science, information technology, cyber security, or a related field
  • Security-related certifications such as DevOps Institute's DevSecOps Foundation
  • Certified Kubernetes Security Specialist (CKS)
  • AWS, Azure, or GCP Certified DevOps Engineer
  • Strong knowledge of cyber security principles and best practices
  • Exposure to DevSecOps Standards and Frameworks such as NIST Cybersecurity Framework (CSF), ISO/IEC 27001, CIS Controls, and OWASP Top Ten
  • Well-versed in DevOps and DevSecOps frameworks, such as the DevOps Institute's DevSecOps Foundation, and thoroughly understand Continuous Integration and Continuous Delivery (CI/CD) best practices
  • Strong collaboration and communication skills, with the ability to work effectively across development, operations, and security teams
  • Problem-solving and critical thinking are essential, including analytical skills to identify security vulnerabilities and threats and strategic thinking to implement effective security solutions
Job Responsibility
Job Responsibility
  • Identify security risks through threat modelling, develop robust mitigation strategies, and implement advanced security measures throughout the software development lifecycle
  • Application threat modelling, assessing code and applications to ensure they are vulnerability-free before being shipped to production environments
  • Maintaining the security of application or APIs throughout the product lifecycle
  • Monitoring and securing the CI/CD pipeline, conducting comprehensive security audits, responding to and investigating security incidents, and establishing/enforcing stringent security protocols
  • Provide security expertise to development and operations teams, fostering a culture of security awareness and adherence to best practices
  • Staying current on the latest cyber threats and security technologies
Read More
Arrow Right

Secure by Design Expert

We are seeking a Secure by Design Expert to join our Global Cyber Security UK te...
Location
Location
Romania , Iasi
Salary
Salary:
Not provided
vodafone.com Logo
Vodafone
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Degree in telecommunications, computer science, or equivalent
  • Strong understanding of security architecture, risk management principles, and data privacy legislation
  • Hands-on experience with IT & Digital technologies including application security, mobile apps, cloud infrastructure, and network security
  • Ability to scope penetration tests and guide remediation of vulnerabilities
  • Excellent communication skills to explain complex security requirements in simple terms
  • Knowledge of security standards such as ISO27001, TSR, and PCI-DSS is desirable
  • Technical certifications (e.g., CISSP, SCCP) are an advantage
Job Responsibility
Job Responsibility
  • Perform Secure by Design assessments and provide consultancy to projects and business areas
  • Embed effective security practices into IT & Digital processes
  • Deliver cyber security guidance, design input, and review/approval of connectivity across Vodafone networks
  • Specify and oversee security testing, ensuring vulnerabilities are remediated
  • Identify and manage cyber security risks, ensuring compliance with Vodafone policies and UK Telecommunications Security Act
  • Influence stakeholders and maintain strong relationships across business functions
  • Provide technical leadership and task direction to Secure by Design Specialists and Cyber Security Champions
What we offer
What we offer
  • Hybrid way of working: 2 days per week/ 8 per month
  • Medical and dental services
  • Life and hospitalization insurance
  • Dedicated employee phone subscription
  • Take control of your benefits and choose any of the below options: MEAL TICKETS/ PRIVATE PENSION/VACATION VOUCHERS/ CULTURAL VOUCHERS within the budget
  • Special discounts for gyms and retailers
  • Annual Company Bonus
  • Ongoing Education – we continuously invest in you to ensure you have everything needed to excel on the job and enhance your skills
  • You get to work with tried and trusted web-technology
  • We let you write your own story by planning vacations: go for a trip, experience new things, have fun and enjoy your 23 days off
  • Fulltime
Read More
Arrow Right

Vulnerability Management Specialist

At ArrowSphere Cloud, we are shaping the future of secure digital ecosystems. As...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
arrow.com Logo
Arrow Electronics
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 8+ years of experience in application or dev security
  • Strong understanding of modern web technologies and CI/CD pipelines
  • Hands-on experience with scanning tools (e.g., Burp, SonarQube, Snyk, or similar)
  • Familiarity with programming languages and logics
  • Ability to communicate findings clearly to technical and non-technical teams
Job Responsibility
Job Responsibility
  • Identify, validate, and prioritize vulnerabilities from scans, tests, and research
  • Collaborate with development team to provide contextual risk assessments
  • Monitor and manage dependency risks (e.g., npm audit, third-party libraries)
  • Support integration and optimization of security tools (SAST, DAST, dependency scanners)
  • Track and follow up on remediation progress
  • Contribute to threat modeling and risk assessments for new features
  • Stay up to date with evolving threats (CVEs, OWASP, MITRE ATT&CK)
  • Fulltime
Read More
Arrow Right

Head of Information Security

As River Island’s Head of Information Security, you’ll play a strategic and hand...
Location
Location
United Kingdom , West London
Salary
Salary:
Not provided
riverisland.com Logo
River Island
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Proven experience in a senior information security role, ideally within a complex, multi-channel retail or technology environment
  • Strong technical grounding across key security domains: network, cloud, endpoint, application, and data security
  • Experience managing or working with vulnerability management tools, SIEM/SOC environments, and incident response processes
  • Familiarity with frameworks and standards such as ISO 27001, NIST, CIS, PCI DSS, and GDPR
  • Excellent communication and stakeholder management skills, with the ability to influence at all levels of the organisation
  • Analytical, pragmatic, and calm under pressure — with a focus on enabling the business, not blocking it
Job Responsibility
Job Responsibility
  • Define, implement, and evolve River Island’s information security strategy in line with business objectives, regulatory obligations, and risk appetite
  • Lead the development and maintenance of Information Security policies, standards, and controls, ensuring alignment with frameworks such as ISO 27001, NIST CSF, and the SANS Top 18
  • Define and report security KPIs/KRIs to senior management to senior leadership representing risk posture, compliance status, and strategic improvement initiatives
  • Own and manage the Information Security Risk Register
  • ensure risks are assessed, documented, and mitigated effectively
  • Lead compliance efforts across GDPR, PCI DSS, and other applicable regulations
  • Conduct and coordinate enterprise-wide risk assessments, audits, and internal reviews
  • Champion a pragmatic, risk-based approach to security — balancing protection, productivity, and customer experience
  • Own and govern IAM standards (RBAC, joiner/mover/leaver, privileged access, MFA, SSO) across corporate, store and customer-facing platforms
  • Oversee operational security activities, including threat detection, vulnerability management, and incident response
What we offer
What we offer
  • Generous 50% staff discount so you can treat yourself to the latest products, and a bargain staff shop on site
  • Reducing Islanders everyday expenses through discounts, benefits, financial advice, wellbeing solutions and more through Reward Gateway
  • A free onsite gym, subsidised restaurant & café to fill you needs
  • Various social events to socialise throughout the year
  • Every family is unique, we support Islanders with all different family setups enhanced maternity, paternity, adoption & fertility treatment
  • We also work closely with the Retail Trust to create dedicated support for all our Islanders
  • Flexible working is a given, on top of payday and summer early finish Fridays
  • Give as you earn scheme, a ‘Giver Island’ day each year and receive matched funding
  • Support with upskilling through on the job training and qualifications
  • A succession plan if you want to progress
  • Fulltime
Read More
Arrow Right

Software Development Specialist Advisor

The Software Development Specialist Advisor role at NTT DATA requires a minimum ...
Location
Location
India , Bangalore
Salary
Salary:
Not provided
nttdata.com Logo
NTT DATA
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum of 12 years of experience in cloud technologies
  • Knowledge of deployment and management on the AWS cloud, including AWS ECS for deploying containers
  • Experience with Terraform for infrastructure provisioning and managing cloud resources efficiently
  • Understanding of VPCs, subnets, and security configurations within cloud environments
  • Skills in configuring autoscaling for efficient management of cloud resources based on demand
  • Familiarity with cloud security policies, including data encryption, access management, and DevSecOps principles to incorporate security into CI/CD processes
  • Proficient in using monitoring tools like AWS CloudWatch for operational monitoring, diagnostics, and logging
  • Expertise in managing efficiency and cost optimization strategies in the cloud environment
  • Implementation of effective backup and recovery solutions, such as daily snapshots
  • Ability to design and implement CI/CD processes using tools like GitHub for automated deployment
Job Responsibility
Job Responsibility
  • Deploying applications
  • Managing cloud resources
  • Ensuring security practices are followed
Read More
Arrow Right

Software Engineering Specialist

The role is accountable for ensuring that our technical deliveries realise Busin...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
plus.net Logo
Plusnet
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Deep knowledge on Networking domain along with solid understanding on OSS stack of Telecom including, Planning/Monitoring/Assurance
  • Having a strong grip on TMF standards with API based solution and Event based architecture patterns
  • Strong foundation on ODA Architecture patterns
  • Experience designing & solution and from an Engineering point of view with TMF complaint and ODA Architecture
  • Skilled in life cycle management of OSS tools/solutions including requirements analysis, platform selection, technical architecture design, application design & development, testing and deployment
  • Knowledge in various industry standard’s such as TMF, Open API
  • Lead and execute engineering initiatives to ensure the network cloud platform is easily consumable by products and solutions that are built on top of the platform
  • and at the sametime, is compliant with information security standards
  • Implement governance and controls to monitor and manage consumption and compliance with security and other standards
  • Implement and publish APIs for clients to consume platform services in a consistent way
Job Responsibility
Job Responsibility
  • Role implements the defined architectural roadmap for the Assurance Area for the following: Fault Management
  • Resource Management
  • Incident Management
  • Change Management
  • Role involves defining and implementing the roadmap for Transformation of IT, DataCenter and Network Cloud applications in Service and Problem management
  • Manage, Engineer, Architect, Develop and Maintain applications in Network Management, OSS and FCAPS space
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy