Job Description
Job Description – Security Engineer / DevSecOps Engineer
Core Security Expertise
Secure SDLC:
Implement and embed security practices across all phases of the software development lifecycle—from design through deployment.
Threat Modeling:
Use frameworks such as STRIDE, DREAD, or PASTA to proactively identify and mitigate architectural and implementation risks.
Vulnerability Management:
Conduct vulnerability assessments using tools like Nessus, Qualys, or OpenVAS and deliver actionable remediation plans.
Application Security:
Strong understanding of OWASP Top 10 risks and hands‑on experience with SAST, DAST, IAST, and RASP tools.
Identity & Access Management:
Implement IAM principles such as least privilege, RBAC/ABAC, SSO, and MFA.
Development & Automation
Programming/Scripting:
Proficiency in Python, Bash, Go, or JavaScript.
CI/CD Security:
Secure and harden pipeline tools including Jenkins, GitHu...
Core Security Expertise
Secure SDLC:
Implement and embed security practices across all phases of the software development lifecycle—from design through deployment.
Threat Modeling:
Use frameworks such as STRIDE, DREAD, or PASTA to proactively identify and mitigate architectural and implementation risks.
Vulnerability Management:
Conduct vulnerability assessments using tools like Nessus, Qualys, or OpenVAS and deliver actionable remediation plans.
Application Security:
Strong understanding of OWASP Top 10 risks and hands‑on experience with SAST, DAST, IAST, and RASP tools.
Identity & Access Management:
Implement IAM principles such as least privilege, RBAC/ABAC, SSO, and MFA.
Development & Automation
Programming/Scripting:
Proficiency in Python, Bash, Go, or JavaScript.
CI/CD Security:
Secure and harden pipeline tools including Jenkins, GitHu...
Apply for this Position
Ready to join Confidential? Click the button below to submit your application.
Submit Application