DevSecOps Engineer / Application Security Specialist

Position: DevSecOps / Application Security

Duration: 6+ months Contract

Location: Remote

Work Arrangement: Remote

Client is seeking a Security Engineer (DevSecOps / Application Security) to support the development and deployment of an enterprise security platform that enables automated application security testing and integration across modern cloud environments.

This role focuses on building, maintaining, and deploying infrastructure-as-code, APIs, and integrations for a cloud-native security solution that connects multiple security tools into a unified DevSecOps framework. The ideal candidate is hands-on with Terraform, Python, AWS, and containerized application deployment, with a strong background in CI/CD automation and integrating AppSec tools.

This position is fully remote and ideal for a self-driven engineer who enjoys building automation, solving complex integration problems, and supporting scalable DevSecOps solutions.

What You’ll Do:

Support the development, automation, and deployment of an enterprise security platform used to orchestrate application security testing across cloud-native environments.

Build and maintain integrations with security tools such as Apiiro, Invicti, Snyk (SCA & SAST), SonarQube, TruffleHog, and Wiz using APIs and CLIs.

Develop and manage AWS infrastructure using Terraform, supporting services such as Lambda, ECS, ECR, API Gateway, VPC, Route53, DynamoDB, S3, and CloudWatch.

Build, deploy, and manage containerized and serverless workloads across multiple AWS regions.

Create and maintain CI/CD automations using CodeBuild, GitHub Actions, and related tooling.

Debug, fix, and enhance platform functionality through feature requests and issue triage.

Manage dependency builds and installations for Maven, Gradle, NPM, .NET Core, and Python applications.

Work collaboratively with engineering, security, and operations teams to implement new integrations and platform enhancements.

Participate in design discussions, planning sessions, and other collaborative activities that support platform growth and continuous improvement.

Technologies You’ll Work With

Core Stack:

Terraform

Python

AWS (Lambda, ECS, ECR, APIGW, VPC, VPCE, DynamoDB, Route53, CloudWatch, S3, CodeBuild)

Docker

GitHub

REST APIs

Security Tools:

Apiiro

Invicti

Snyk (SCA & SAST)

SonarQube

TruffleHog

Wiz

Nice to Have:

Datadog or Splunk

ServiceNow

Swagger / OpenAPI

________________________________________

Qualifications & Experience:

• 4+ years of experience in DevSecOps, Cloud Engineering, or Application Security Engineering.

• Strong proficiency in AWS cloud architecture and Terraform for infrastructure automation.

• Solid scripting and programming skills in Python (additional experience in Node.js, .NET, or Java preferred).

• Proven experience deploying and maintaining containerized workloads using Docker and AWS ECS/Lambda.

• Hands-on experience integrating application security tools into pipelines or workflows via APIs/CLIs.

• Understanding of CI/CD pipelines and automation frameworks (CodeBuild, Jenkins, GitHub Actions).

• Familiarity with dependency management in Maven, Gradle, NPM, .NET Core, and Python ecosystems.

• Excellent debugging, problem-solving, and collaboration skills.

• Strong communication and self-management in a remote work environment.

________________________________________

Collaboration & Work Environment:

This role operates within a collaborative engineering and security environment. The Security Engineer will engage with cross-functional teams to plan, design, and deliver platform features and integrations. Work includes participating in team planning sessions, design reviews, and coordination with internal and external stakeholders to support the platform’s continuous development and deployment lifecycle.