Security Engineer

OverviewRole Summary: Operationalize DevSecOps security controls across SDLC and CI/CD using Azure DevOps Server, ensuring enforceable security gates, vulnerability lifecycle management, and audit-ready evidence.ResponsibilitiesConfigure and tune Fortify SAST/DAST, define thresholds and exception workflowAutomate the renewal and deployment of SSL/TLS certificates using tools like HashiCorp Vault and Cert-Manager in Kubernetes to prevent downtime and security risksIntegrate SBOM generation tools into the CI/CD pipeline to track component dependencies, license compliance, and vulnerabilities, providing visibility into the software supply chainImplement image signing and verification using tools like Sigstore/Cosign to ensure code integrity, ensuring only verified, trusted container images are deployedDefine Quality Gates, vulnerability SLAs, triage process, remediation tracking and reporting dashboardsIntegrate secrets management (HashiCorp Vault) and secure access patterns with SecurEnvoy MFASupport compliance evidence: scan outputs, approvals, and release evidence packsPartner with DevOps and QA on secure pipelines and test environment controlsQualificationsRequired Experience5-8+ years AppSec/DevSecOps/security engineering experience. Government/regulatory sector experience is a plus. Strong OWASP, threat modeling, and vulnerability management exposure.Technical SkillsSecure SDLC, CI/CD security gates, artifact trust, secrets management, container security concepts, and K8s security basics.Soft SkillsInfluence without authority, risk-based communication, pragmatic guidance, and calm escalation handling.Core Skills / ToolingAzure DevOps Server, Fortify (SAST/DAST), HashiCorp Vault, JFrog Artifactory, Sigstore (plus), OpenShift/Kubernetes awareness, and monitoring correlation (AppDynamics/BMC/Azure Monitoring).#J-18808-Ljbffr