CrawlJobs Logo

SDLC Security Operations Engineer (DevSecOps)

northbaysolutions.com Logo

NorthBay

Location Icon

Location:
Pakistan

Category Icon
Category:
IT - Software Development

Job Type Icon

Contract Type:
Not provided

Salary Icon

Salary:

Not provided
Save Job
Save Icon
Apply Position

Job Description:

We are looking for a hands-on SDLC Security Operations Engineer to embed security controls into CI/CD pipelines and engineering workflows for a larger enterprise customer in the UAE. This role focuses on operationalizing DevSecOps integrating scanning tools, enforcing pipeline guardrails, reducing security debt, and ensuring SDLC controls align with ISO 27001, SOC 2, PIC/DSS etc.

Job Responsibility:

  • Integrate and operate security controls across CI/CD pipelines using GitHub, GitLab, Azure DevOps, and Jenkins
  • Implement and manage SAST/DAST, dependency scanning, secret scanning, and pipeline security gates (build-time enforcement)
  • Establish secure build and release practices: artifact integrity, signing/verification, and controlled promotions across environments
  • Implement secure secrets management practices and prevent credential leakage in repos and pipelines
  • Drive remediation workflows with developers: triage findings, validate fixes, reduce false positives, and improve rule tuning
  • Embed security checks for infrastructure-as-code and configuration where applicable
  • ensure consistent secure-by-default patterns
  • Support secure SDLC documentation, control mapping, and audit evidence for ISO 27001, SOC 2, etc. (policies, logs, approvals, attestations)
  • Contribute to developer enablement via secure coding guidance, playbooks, and integration patterns that reduce friction

Requirements:

  • 7–9 years of experience in DevSecOps / Application Security Engineering / SDLC Security Operations
  • Strong hands-on experience with CI/CD tools: GitHub, GitLab, Azure DevOps, Jenkins
  • Hands-on experience operating AppSec tooling: SAST/DAST and software supply chain controls (dependency risk management)
  • Strong understanding of secure SDLC concepts (threat modeling basics, security testing, release governance)
  • Ability to collaborate deeply with engineering teams and translate findings into actionable fixes
  • Familiarity with Linux-based build environments and common developer workflows

Nice to have:

  • Experience in telecom, government or regulated environments with audit-driven SDLC controls
  • Exposure to container security, artifact repositories, and release governance patterns
  • Automation skills (Python/Bash) to streamline scanning, reporting, and control enforcement

Additional Information:

Job Posted:
February 10, 2026

Employment Type:
Fulltime
Work Type:
Remote work
Icon
NorthBay - All Job Offers
Job Link Share:
Copy Link Icon
Facebook Icon Twitter Icon LinkedIn Icon

Looking for more opportunities? Search for other job offers that match your skills and interests.

Briefcase Icon

Similar Jobs for SDLC Security Operations Engineer (DevSecOps)

Principal Security Engineer

We’re building a world-class global Security team as part of our Trust Program. ...
Location
Location
India , Hyderabad
Salary
Salary:
Not provided
highspot.com Logo
Highspot
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 10+ years of robust, progressive experience in security engineering, application security, DevSecOps, incident detection and response, or closely related fields
  • Advanced proficiency in at least one programming language (Python, Ruby, Go, Rust, JavaScript), with deep experience conducting detailed code reviews and security assessments across multiple languages
  • Hands-on experience with deploying, operating, and interpreting results from security tools such as static analyzers, web vulnerability scanners, supply chain analysis scanners, and host-based intrusion detection systems
  • Demonstrated experience mentoring, coaching and guiding junior and mid-level security engineers, contributing to a strong team culture, and supporting peer development as a senior individual contributor
  • Demonstrated proactive approach, strong continuous learning orientation, and curiosity about emerging threats, security trends, and innovative technologies
  • Extensive expertise securing cloud-native environments (AWS, Azure, GCP, containers, microservices), with in-depth knowledge of modern cloud security risks and defenses
  • Demonstrated ability to embrace being wrong, practice humility, continuously learn from experiences, and actively seek insights through thoughtful questioning and collaboration
Job Responsibility
Job Responsibility
  • Lead comprehensive application security assessments, advanced threat modeling sessions, and secure code reviews across critical product features, internal tooling, endpoints, and third-party integrations
  • Collaborate strategically with product engineering to establish and enhance secure-by-default and privacy-by-design practices within the software development lifecycle (SDLC)
  • Lead and otherwise participate in incident detection, investigation, triage, containment, and root cause analysis for high impact security incidents, providing mentorship and guidance to junior engineers as required
  • Drive the development and continuous improvement of sophisticated detection rules, response automation, and optimized alert management across cloud environments, corporate infrastructure, and SaaS platforms
  • Lead and participate in complex vulnerability remediation processes, and effectively respond to security issues discovered by both internal teams and external sources
  • Document technical findings and strategic decisions in a clear and accessible manner, and procedural enhancements
  • significantly contribute to comprehensive security playbooks and knowledge repositories
  • Manage and oversee asksecurity@ request handling, and actively participate in sprint-based security activities, balancing strategic and tactical execution
  • Actively participate in the security on-call rotation, or provide senior-level guidance as required during an event and aid in rapid response capabilities to protect our 24x7 platform and global workforce
  • Fulltime
Read More
Arrow Right

Staff Product Security Engineer

We’re looking for a Staff Product Security Engineer to lead the design and imple...
Location
Location
United States
Salary
Salary:
184000.00 - 252000.00 USD / Year
alpha-sense.com Logo
AlphaSense
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7+ years of experience in product, application, or cloud security engineering
  • Deep understanding of secure SDLC, threat modeling, and secure architecture design
  • Proven expertise with AWS cloud security concepts and best practices
  • Strong experience with container security, orchestration, and runtime protection
  • Proficiency in Python, Java, and/or JavaScript for security automation, code review, and tooling
  • Experience securing AI/ML pipelines, data workflows, or model-serving infrastructure
  • Familiarity with DevSecOps and continuous integration/deployment environments
Job Responsibility
Job Responsibility
  • Embed robust security practices throughout the software and AI development lifecycle (SDLC)
  • Lead secure design reviews, threat modeling, and risk assessments for AI-driven products, APIs, and backend services
  • Partner with engineering and product teams to ensure security, privacy, and compliance by design
  • Build and maintain security automation and governance frameworks that integrate seamlessly into development workflows
  • Architect and enforce security controls for AI/ML systems, including model training, data pipelines, and inference environments
  • Identify and mitigate AI-specific attack vectors such as data poisoning, model inversion, prompt injection, and model theft
  • Collaborate with governance and compliance teams to align with ethical AI principles and frameworks like NIST AI RMF and the EU AI Act
  • Implement model provenance, integrity, and auditability controls to ensure responsible and secure AI operations
  • Partner with DevOps and SRE teams to secure service meshes, container networking, and secrets management
  • Drive software supply chain security, including artifact integrity, dependency management, and vulnerability reduction
What we offer
What we offer
  • Competitive compensation, benefits, and career growth opportunities
  • Opportunity to shape and drive product security strategy
  • Collaborative and security-minded engineering culture
  • Work on cutting-edge security challenges in a fast-growing company
  • Performance-based bonus, equity, and a generous benefits program
  • Fulltime
Read More
Arrow Right

Application Security Engineer II

In this role, you will support Rackspace's application security program by imple...
Location
Location
India
Salary
Salary:
Not provided
rackspace.com Logo
Rackspace
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2-4 years in the information security field
  • Experience working with application security, security testing, or DevSecOps practices
  • Working knowledge of the SDLC, security concepts, and vulnerability assessment methodologies
  • Hands-on experience with or understanding of programming and scripting languages including one or more of the following: Python, Java, Node.js, Go, Ruby, PHP
  • databases such as SQL
  • and related tools such as Github, Gitlab, Jenkins, and CircleCI
  • Understanding of common vulnerabilities, remediation approaches, and industry-standard classification schemes (CVE, CWE, CVSS, OWASP Top 10)
  • Familiarity with relevant compliance regulations, such as PCI-DSS, ISO 27001, SOC 2, or HIPAA
  • Passion for security and eagerness to learn about new technologies and emerging security vulnerabilities
  • Strong communication skills with the ability to work collaboratively across teams
Job Responsibility
Job Responsibility
  • Execute application security testing using both automated tools and manual testing techniques on web applications, APIs, containers, and other software components
  • Configure, maintain, and operate SAST, DAST, and other application security testing tools
  • Analyze and triage security findings, documenting clear remediation guidance for development teams
  • Support the vulnerability reporting process and track findings through to resolution
  • Assist with triage and validation of external vulnerability disclosures and bug bounty reports
  • Contribute to the development and documentation of application security processes and standards
  • Participate in security code reviews and threat modeling exercises
  • Help track and report metrics for application security program health
  • Collaborate with development and DevOps teams to integrate security into CI/CD pipelines
  • Stay current with application security trends, tools, and best practices
  • Fulltime
Read More
Arrow Right

SDLC Security Operations Engineer (DevSecOps)

We are looking for a hands-on SDLC Security Operations Engineer to embed securit...
Location
Location
India
Salary
Salary:
Not provided
northbaysolutions.com Logo
NorthBay
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 7–9 years of experience in DevSecOps / Application Security Engineering / SDLC Security Operations
  • Strong hands-on experience with CI/CD tools: GitHub, GitLab, Azure DevOps, Jenkins
  • Hands-on experience operating AppSec tooling: SAST/DAST and software supply chain controls (dependency risk management)
  • Strong understanding of secure SDLC concepts (threat modeling basics, security testing, release governance)
  • Ability to collaborate deeply with engineering teams and translate findings into actionable fixes
  • Familiarity with Linux-based build environments and common developer workflows
Job Responsibility
Job Responsibility
  • Integrate and operate security controls across CI/CD pipelines using GitHub, GitLab, Azure DevOps, and Jenkins
  • Implement and manage SAST/DAST, dependency scanning, secret scanning, and pipeline security gates (build-time enforcement)
  • Establish secure build and release practices: artifact integrity, signing/verification, and controlled promotions across environments
  • Implement secure secrets management practices and prevent credential leakage in repos and pipelines
  • Drive remediation workflows with developers: triage findings, validate fixes, reduce false positives, and improve rule tuning
  • Embed security checks for infrastructure-as-code and configuration where applicable
  • ensure consistent secure-by-default patterns
  • Support secure SDLC documentation, control mapping, and audit evidence for ISO 27001, SOC 2, etc. (policies, logs, approvals, attestations)
  • Contribute to developer enablement via secure coding guidance, playbooks, and integration patterns that reduce friction
  • Fulltime
Read More
Arrow Right
New

Security Engineer II

In this role, you’ll partner with other technology teams to design and implement...
Location
Location
United States
Salary
Salary:
160000.00 - 185000.00 USD / Year
humaninterest.com Logo
Human Interest
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Minimum 2 years in a security focused engineering role
  • Minimum 5 years in software engineering role
  • Proficient coding ability in at least one modern programming language. E.g.Typescript/Javascript, Ruby, Java, Python, Golang
  • Practical experience securing cloud environments
  • Strong communication skills: you can easily discuss complex technical concepts with both engineers and non-engineers
  • Strong ownership and bias for action: You love to roll up your sleeves. You are proactive, drive projects from start to finish, and lead cross-functional projects, while keeping stakeholders informed
  • Leader and Mentor: You are a recognized leader in your areas of responsibility, and enjoy sharing knowledge and mentoring others
  • Operational Excellence: you raise the bar on the quality of the software and infrastructure that you work on
Job Responsibility
Job Responsibility
  • Build practical controls to improve the effectiveness and robustness of our engineering team
  • Foster a DevSecOps culture through education, automation, and tooling
  • Secure our SDLC process through automation
  • Implement checks in pipeline
  • Perform security reviews of application code
  • Take part in team on call rotation for security events and monitoring alerts
  • Advocate and educate security best practices
  • Create tooling and automation to efficiently respond to security events
  • Partner with stakeholders to respond and mitigate security threats
What we offer
What we offer
  • A great 401(k) plan: Our own! Our 401(k) includes a dollar-for-dollar employer match up to 4% of compensation (immediately vested) and $0 plan fees
  • Top-of-the-line health plans, as well as dental and vision insurance
  • Competitive time off and parental leave
  • Addition Wealth: Unlimited access to digital tools, financial professionals, and a knowledge center to help you understand your equity and support your financial wellness
  • Lyra: Enhanced Mental Health Support for Employees and dependents
  • Carrot: Fertility healthcare and family forming benefits
  • Candidly: Student loan resource to help you and your family plan, borrow, and repay student debt
  • Monthly work-from-home stipend
  • quarterly lifestyle stipend
  • Engaging team-building experiences, ranging from virtual social events to team offsites, promoting collaboration and camaraderie
  • Fulltime
Read More
Arrow Right

Application Security Engineer

Zuora’s Application Security & Security Engineering team partners closely with e...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
zuora.com Logo
Zuora
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 5+ years of experience in application security, software development, or a related engineering role
  • Strong understanding of secure software development practices, including experience working with developers to embed security into the SDLC
  • Hands-on experience conducting security design reviews, threat modeling, and code reviews for web and cloud-based applications
  • Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and experience in identifying and remediating them
  • Experience working with security tools such as SAST, DAST, SCA, and container security scanners
  • Ability to communicate security concepts effectively to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling
  • Contribute hands-on to critical engineering and tooling projects, working closely with technical leads and product owners to ensure security is a key part of successful project outcomes
  • Mentor engineers and influence architectural decisions to ensure security is embedded by design
  • Design and develop reusable, flexible security components and APIs to support scalable, secure application development across the company
  • Define and promote best practices to ensure software security without compromising functionality, usability, reliability, or availability
  • Participate in design and code reviews, providing actionable security recommendations as needed
  • Collaborate with project teams to design and prototype secure solutions, validating key assumptions and security objectives
  • Evaluate, implement, and support a range of security tools to improve visibility and reduce risk
  • Build strong relationships and communicate effectively with stakeholders throughout the SDLC, including Product, Engineering, and Operations teams
What we offer
What we offer
  • Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
  • Medical, dental and vision insurance
  • Generous, flexible time off
  • Paid holidays, “wellness” days and company wide end of year break
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing
Read More
Arrow Right

Application Security Engineer II

Zuora’s Application Security & Security Engineering team partners closely with e...
Location
Location
India , Bengaluru
Salary
Salary:
Not provided
zuora.com Logo
Zuora
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • 2+ years of experience in application security, software development, or a related engineering role
  • Strong understanding of secure software development practices, including experience working with developers to embed security into the SDLC
  • Hands-on experience conducting security design reviews, threat modeling, and code reviews for web and cloud-based applications
  • Familiarity with common application vulnerabilities (e.g., OWASP Top 10) and experience in identifying and remediating them
  • Experience working with security tools such as SAST, DAST, SCA, and container security scanners
  • Ability to communicate security concepts effectively to both technical and non-technical stakeholders
Job Responsibility
Job Responsibility
  • Collaborate with teams across a global organization to support the adoption and implementation of secure software development practices and tooling
  • Contribute hands-on to critical engineering and tooling projects, working closely with technical leads and product owners to ensure security is a key part of successful project outcomes
  • Mentor engineers and influence architectural decisions to ensure security is embedded by design
  • Design and develop reusable, flexible security components and APIs to support scalable, secure application development across the company
  • Define and promote best practices to ensure software security without compromising functionality, usability, reliability, or availability
  • Participate in design and code reviews, providing actionable security recommendations as needed
  • Collaborate with project teams to design and prototype secure solutions, validating key assumptions and security objectives
  • Evaluate, implement, and support a range of security tools to improve visibility and reduce risk
  • Build strong relationships and communicate effectively with stakeholders throughout the SDLC, including Product, Engineering, and Operations teams
What we offer
What we offer
  • Competitive compensation, variable bonus and performance reward opportunities, and retirement programs
  • Medical, dental and vision insurance
  • Generous, flexible time off
  • Paid holidays, “wellness” days and company wide end of year break
  • 6 months fully paid parental leave
  • Learning & Development stipend
  • Opportunities to volunteer and give back, including charitable donation match
  • Free resources and support for your mental wellbeing
Read More
Arrow Right

Senior DevOps Engineer

We are seeking a highly skilled Senior DevOps Engineer to help us integrate secu...
Location
Location
United States , Menlo Park
Salary
Salary:
168961.00 - 190081.00 USD / Year
billiontoone.com Logo
BillionToOne
Expiration Date
Until further notice
Flip Icon
Requirements
Requirements
  • Bachelor’s degree in Computer Science, Engineering, or related field or equivalent relevant years of experience
  • 6–10 years of experience in DevOps, DevSecOps, or related roles
  • Deep expertise with AWS cloud services and cloud-native security tools
  • Proficiency with container orchestration (Kubernetes, Docker)
  • Strong scripting/programming skills (Python, Bash, or Go)
  • Experience with version control tools (Git, Bitbucket, SVN, or CVS)
  • Solid background in Linux and Windows administration, networking, databases, and data center operations
  • Strong understanding of security protocols and secure system design
  • Excellent problem-solving, troubleshooting, and communication abilities—able to clearly and concisely express multifaceted technical concepts
  • Demonstrated ability to work independently with minimal oversight while driving projects to completion
Job Responsibility
Job Responsibility
  • AWS Infrastructure Management: Design, build, and maintain scalable, secure infrastructure on AWS, leveraging services like EC2, ECS/EKS, Lambda, RDS, S3, VPC, IAM, and Route 53
  • Infrastructure as Code (IaC): Automate provisioning and management using Terraform, CloudFormation, or Ansible
  • ensure infrastructure is defined, versioned, and secured according to best practices
  • CI/CD Pipeline Security: Implement and secure continuous integration and deployment pipelines, ensuring security in every stage from development through production
  • Security Integration: Integrate security practices into the development lifecycle—baking in secure coding, vulnerability monitoring, and automated controls across the SDLC
  • Monitoring & Observability: Develop and maintain dashboards and alerts using DataDog, AWS CloudWatch, CloudTrail, GuardDuty, and Config
  • track vulnerabilities, incidents, and system performance
  • Day-to-Day Operations: Support user account management, troubleshooting, and system monitoring to ensure uptime and reliability
  • Collaboration: Partner with development, operations, and security teams to define and enforce security best practices, policies, and procedures
  • Incident Response: Assist with detection, analysis, and response efforts to resolve issues quickly and thoroughly
What we offer
What we offer
  • Working alongside brilliant, kind, passionate and dedicated colleagues, in an empowering environment, toward a global vision, striving for a future in which transformative molecular diagnostics can help millions of patients
  • Open, transparent culture that includes weekly Town Hall meetings
  • The ability to indirectly or directly change the lives of hundreds of thousands patients
  • Multiple medical benefit options
  • employee premiums paid 100% of select plans, dependents covered up to 80%
  • Extremely generous Family Bonding Leave for new parents (16 weeks, paid at 100%)
  • Supplemental fertility benefits coverage
  • Retirement savings program including a 4% Company match
  • Increase paid time off with increased tenure
  • Latest and greatest hardware (laptop, lab equipment, facilities)
  • Fulltime
Read More
Arrow Right
Jobs by Category
Art and Entertainment Jobs Banking Jobs Call Center Jobs Construction Jobs Consulting Jobs Customer Service Jobs Education Jobs Energy Jobs Finance Jobs Gastronomy Jobs Health and Beauty Jobs Hospitality and Tourism Jobs Human Resources Jobs Insurance Jobs IT - Administration Jobs IT - Software Development Jobs Legal Jobs Logistics Jobs Manufacturing Jobs Marketing, Digital Marketing, SEO, SEM Jobs Media Jobs Nursing Jobs Office Administration Jobs Pharmacy Jobs Physical Work Jobs Public Relations Jobs Public Sector Jobs Purchasing Jobs Quality Control Jobs Real Estate Jobs Research and Development Jobs Sales Jobs
Job Positions Jobs by Country
United States Jobs United Kingdom Jobs India Jobs Canada Jobs Australia Jobs Germany Jobs Ireland Jobs Poland Jobs
Company
Blog About Us Contact
Follow Us
Facebook
X (Twitter)
LinkedIn
Instagram
CrawlJobs Group
ITFlashcards AllDevBlogs
© 2026 CrawlJobs Ltd. All Rights Reserved
Terms & Conditions Privacy Policy