AI Summary
Drive the integration of security capabilities into CI/CD pipelines and development workflows. Partner with Application Security, Security Champions, and development teams to ensure security is embedded early in the development lifecycle. Implement build gates, automate security scans, and develop custom integrations.
Key Highlights
Lead IT Security Engineer
CI/CD pipeline security
DevSecOps transformation
Key Responsibilities
Design, implement, and maintain security controls within GitLab CI/CD pipelines
Develop pipeline automation scripts
Develop and enforce container security policies aligned with Client standards
Technical Skills Required
Benefits & Perks
W2 candidates only
Salary range may vary based on experience, qualifications, and local market
Nice to Have
AWS Certified DevOps Engineer or Solutions Architect
Security Certifications from GIAC or other
Job Description
Details:
Job Description
Stefanini Group is hiring!
Stefanini is looking for a Lead IT Security Engineer - Remote.
For quick Apply, please reach out to Akash Gupta: 248 728 2603/ akash.kumar@stefanini.com
W2 candidates only!
Responsibilities:
Position Overview:
- The Client - Common Data Platform (CDP) is seeking an experienced Security Engineer to drive the integration of security capabilities into our CI/CD pipelines and development workflows. This role is critical to our multi-year DevSecOps transformation initiative, which aims to modernize security practices across five development teams while supporting CDP's cloud migration and platform modernization goals.
- As a Security Engineer, you will work at the intersection of development, security, and operations to build automated security controls directly into our software delivery pipelines. You will partner closely with Application Security, Security Champions, and development teams to ensure security is embedded early in the development lifecycle without compromising delivery velocity.
- This is a hands-on technical role requiring deep expertise in CI/CD automation, containerization, infrastructure-as-code, and security tooling integration. You will be responsible for implementing build gates, automating security scans, developing custom integrations, and ensuring our GitLab-based pipelines provide consistent, measurable security controls across the entire CDP portfolio.
- Design, implement, and maintain security controls within GitLab CI/CD pipelines
- Develop pipeline automation scripts
- Develop and enforce container security policies aligned with Client standards
- Work with Security Champions to provide technical support and training on pipeline security features
- Develop reference architectures and example implementations for secure pipelines
- Support developers in understanding and resolving security findings
- Support pipeline assessment data collection through pipeline telemetry
- Coordinate with GRC teams on security control validation and evidence collection
- Mentor and guide team members in secure development practices
- Advocate for security throughout the SDLC
Interested in remote work opportunities in Cyber Security? Discover Cyber Security Remote Jobs featuring exclusive positions from top companies that offer flexible work arrangements.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent experience)
- Ability to document technical processes, create runbooks, and develop training materials
- Self-starter with ability to work independently and manage multiple priorities
- Team focus, flexible thinking, willingness to learn, desire to enable security to support the business
- Ability to travel to San Francisco main office for final interview and/or onboarding
- 5+ years of experience in DevOps, SRE, or Platform Engineering roles
- 3+ years of hands-on experience with GitLab CI/CD (or similar platforms like Jenkins, GitHub Actions, Azure DevOps)
- Strong expertise in CI/CD pipeline design, implementation, and optimization
- Proficiency in scripting and automation using Python, Bash, or similar languages
- Deep understanding of containerization technologies (Docker, Kubernetes, ECS)
- Experience with Infrastructure-as-Code tools (Terraform preferred)
- Practical knowledge of AWS cloud services
- Experience integrating security scanning tools into CI/CD pipelines
- Strong understanding of Git workflows, branching strategies, and merge request processes
- Experience with configuration management and pipeline-as-code practices
- Working knowledge of application security concepts and vulnerability types (OWASP Top 10)
- Familiarity with security scanning tools such as:
- SAST tools (Semgrep, SonarQube, Checkmarx, or similar)
- SCA tools (Sonatype, Snyk, Black Duck, or similar)
- Container scanning tools (Trivy, Prisma, Aqua, or similar)
- DAST tools (OWASP ZAP, Burp Suite, or similar)
- Understanding of secrets management best practices and tools
- Knowledge of secure software development lifecycle (SSDLC) principles
- Familiarity securing a Data Lakehouse
Browse our curated collection of remote jobs across all categories and industries, featuring positions from top companies worldwide.
- Experience working in Agile/Scrum environments with 2-week sprint cycles
- Strong collaboration skills with ability to work across security, development, and operations teams
- Experience supporting multiple development teams simultaneously
- Track record of driving adoption of new tools and processes
- Ability to work on a geographically distributed team across multiple time zones
- Clear and accurate communication, excellent soft skills are a must
- Experience mentoring and/or coaching others
- AWS Certified DevOps Engineer or Solutions Architect
- Security Certifications from GIAC or other
Stefanini takes pride in hiring top talent and developing relationships with our future employees. Our talent acquisition teams will never make an offer of employment without having a phone conversation with you. Those face-to-face conversations will involve a description of the job for which you have applied. We also speak with you about the process including interviews and job offers.
About Stefanini Group:
The Stefanini Group is a global provider of offshore, onshore and near shore outsourcing, IT digital consulting, systems integration, application, and strategic staffing services to Fortune 1000 enterprises around the world. Our presence is in countries like the Americas, Europe, Africa, and Asia, and more than four hundred clients across a broad spectrum of markets, including financial services, manufacturing, telecommunications, chemical services, technology, public sector, and utilities. Stefanini is a CMM level 5, IT consulting company with a global presence. We are CMM Level 5 company.
Similar Jobs
Explore other opportunities that match your interests
Visa Sponsorship
Relocation
Remote
Job Type
Full-time
Experience Level
Mid-Senior level
cyber focus ai
United State
Visa Sponsorship
Relocation
Remote
Job Type
Full-time
Experience Level
Mid-Senior level
cyber focus ai
United State
Visa Sponsorship
Relocation
Remote
Job Type
Full-time
Experience Level
Mid-Senior level
SWITCH
United State