DevSecOps Consultant

Summary

Join VerSprite, a leading cybersecurity firm, as a DevSecOps Consultant and contribute to securing software development lifecycles. You will integrate security into DevOps workflows, design and optimize CI/CD pipelines, automate security testing, and enforce best practices. This role involves collaborating with international clients, development, operations, and security teams to establish a DevSecOps culture. VerSprite offers a competitive salary, flexible work arrangements, and opportunities for professional development in a global, remote-first environment.

Requirements

• 10+ years of coding experience in Python, with a strong understanding of secure coding principles
• Extensive experience with CI/CD tools such as Jenkins, GitLab CI/CD, Azure DevOps, AWS CodePipeline, or CircleCI
• Strong background in cloud security (AWS, Azure, GCP) and Infrastructure as Code (IaC) tools like Terraform or Ansible
• Experience with containerization and orchestration (Docker, Kubernetes) and their security implications
• Deep knowledge of security tools and practices, including SAST, DAST, and security monitoring solutions
• Strong understanding of DevOps methodologies, microservices architecture, and cloud-native application security
• Experience implementing Zero Trust Architecture and security automation
• Hands-on experience with log management and SIEM tools for security monitoring
• Excellent problem-solving, communication, and client-facing skills

Responsibilities

• Security Integration: Embed security into DevOps processes, ensuring secure software development practices
• CI/CD Pipeline Optimization: Design, implement, and optimize CI/CD pipelines with security as a core component
• Automation & Scripting: Develop security automation scripts and tools using Python
• Threat Modeling: Identify security threats and vulnerabilities within the SDLC and propose risk mitigation strategies
• Tooling & Implementation: Implement and configure security tools such as SAST, DAST, SCA, and container security solutions
• Code Review & Secure Development: Conduct security code reviews and provide guidance on secure coding practices
• Collaboration & Training: Work closely with development, operations, and security teams to establish DevSecOps culture and provide security training
• Compliance & Best Practices: Ensure adherence to industry security frameworks, compliance requirements, and best practices (e.g., OWASP, NIST, ISO 27001)
• Incident Response & Remediation: Assist in security incident response, forensics, and remediation within DevOps environments

Preferred Qualifications

• Certifications such as CISSP, CISM, CKS, CEH, or AWS Security Specialty
• Experience in penetration testing, threat hunting, or blue team operations
• Familiarity with compliance standards like SOC 2, GDPR, PCI-DSS, HIPAA
• Knowledge of machine learning and AI-driven security analytics is a plus

Benefits

• Work with cutting-edge security technologies in a global, remote-first environment
• Collaborate with top-tier cybersecurity professionals on complex, high-impact projects
• Competitive salary, flexible work arrangements, and opportunities for professional development
• Be part of a mission-driven company dedicated to securing organizations worldwide
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you
• A collaborative environment where everyone works together to create a better working world