DevSecOps Specialist
Vanguard · Dallas, Texas, US
Job description
Core Responsibilities
· Secure the software development lifecycle (SDLC) by applying application development, deployment, and security expertise.
· Operate, configure, and continuously improve application security tooling, with a primary focus on SAST and SCA, including policy tuning and integration into CI/CD pipelines.
· Identify, analyze, and triage application security vulnerabilities; apply risk-based prioritization and work with engineering teams to drive timely remediation.
· Collaborate with App Sec engineers and peer security teams to ensure consistent implementation, coverage, and alignment of application security tools, standards, and processes.
· Champion a low-friction developer experience by streamlining scan workflows, reducing false positives, and providing clear, actionable feedback.
· Participate in an on-call rotation to support application security tooling, assist developers, and respond to security threat events when required.
· Identify and implement opportunities to automate application security processes to improve scalability, efficiency, and coverage.
· Gather and report meaningful metrics to measure vulnerability trends, tool effectiveness, and applicatio...