DevSecOps Engineer

Location: Remote (RO)Employment Type: Freelance/6 monthsRole OverviewWe are seeking an experienced DevSecOps Engineer to embed security into the software development lifecycle (SDLC) and automate secure practices within CI/CD pipelines. You will work closely with developers to promote secure coding, conduct application security testing, and enhance cloud-native security across dynamic DevOps environments.Key ResponsibilitiesIntegrate security controls throughout all SDLC stages. Perform SAST, DAST, and SCA testing using tools like SonarQube, Checkmarx, Veracode, OWASP ZAP. Automate security validation within CI/CD workflows (Jenkins, GitHub Actions, Azure DevOps). Conduct threat modeling, secure code reviews, and manual penetration testing. Implement and monitor container and cloud security (Docker, Kubernetes, AWS, Azure, GCP). Deliver security training and awareness sessions for development teams. Establish and maintain security documentation, playbooks, and champion programs. Requirements2-4 years of hands-on experience in application security or DevSecOps. Proficiency in at least one programming language (Java, Python, JavaScript, Go, .NET). Experience with CI/CD, containerization, and IaC (Terraform, CloudFormation). Deep understanding of OWASP Top 10, secure coding, and cryptographic principles. Strong collaboration and problem-solving skills. Eligible for UK SC Clearance. Preferred CertificationsCSSLP, GWEB, or Certified DevSecOps Engineer. Cloud Security (AWS, Azure, or GCP Security Specialty).