We are looking for a Senior DevSecOps Engineer to strengthen our client's Application Security team. This role blends hands-on coding with deep security expertise — acting as the critical bridge between developers and security practices. If you think like a developer and speak the language of security — this one is for you!

MUST-HAVE SKILLS

Strong developer background with Java or Python — must code and communicate like a developer
Solid grasp of application security concepts (OWASP Top 10, vulnerability analysis, remediation guidance)
Experience integrating security tools into CI/CD pipelines and working with developers to close findings
Exposure to SAST, SCA, DAST, API & mobile security assessments
Familiarity with GitHub, Jira, and Jenkins
Cloud security concepts and REST/SOAP API experience
Strong communication skills to explain risks and guide remediation

NICE TO HAVE

Hands-on experience with Checkmarx, Sonatype Nexus IQ, Black Duck, or Noname API Security
Knowledge of Docker, Kubernetes, AWS, and Azure
Certifications — CISSP, CSSLP, GIAC, Security+, or AWS/Azure Security