Senior DevSecOps Engineer
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
SIGMA seeks a Senior Resident DevSecOps Engineer to lead application security and DevSecOps initiatives. The role involves designing and implementing security controls across the SDLC, integrating security into CI/CD pipelines, and managing vulnerability remediation.
Key Skills for This Role
Responsibilities
- Lead the organization's DevSecOps maturity improvement initiatives
- Act as primary technical authority for DevSecOps and application security activities
- Design, review, and manage security integrations across CI/CD platforms such as GitLab, Azure DevOps, and CloudBees
- Implement and optimize SAST, SCA, DAST, IAST, IaC security scanning, and secrets management
- Define vulnerability management processes and lead triage, risk assessment, prioritization, tracking, and remediation
- Conduct secure design reviews throughout the SDLC
- Support API security implementation and security architecture reviews
- Develop and maintain security frameworks, policies, procedures, standards, guidelines, RACI matrices, and KPIs
- Create technical documentation, runbooks, templates, and security checklists
- Conduct workshops, training sessions, and knowledge transfer activities
Requirements
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field
- 3+ years of experience in Application Security, DevSecOps, or Secure Software Engineering
- Strong experience with CI/CD security integration and automation
- Hands on experience with GitLab, Azure DevOps, CloudBees, Jenkins, or similar platforms
- Strong understanding of OWASP Top 10, Secure SDLC, and DevSecOps methodologies
- Experience with cloud environments (AWS, Azure, or GCP)
- Experience with API security and container security
- Preferred certifications: GCSA, GDSA, DevSecOps Foundation/Professional, CSSLP, CKS, AZ 400, AWS DevOps Engineer Professional
Full Job Posting
Job Summary
- The Senior Resident DevSecOps Engineer serves as the technical lead and subject matter expert for Application Security and DevSecOps initiatives. The role is responsible for designing, implementing, governing, and continuously improving security controls throughout the Software Development Lifecycle
Key Responsibilities
- Lead the organization's DevSecOps maturity improvement initiatives.
- Act as the primary technical authority for DevSecOps and application security activities.
- Provide technical guidance, mentoring, and oversight to junior engineers and development teams.
- Design, review, and manage security integrations across CI/CD platforms such as GitLab, Azure DevOps, and CloudBees.
- Implement and optimize SAST, SCA, DAST, IAST, IaC Security Scanning, and Secrets Management.
- Define vulnerability management processes and workflows.
- Lead vulnerability triage, risk assessment, prioritization, tracking, and remediation activities.
- Establish remediation SLAs and monitor compliance.
- Conduct secure design reviews throughout the SDLC.
- Support API security implementation and security architecture reviews.
- Validate secure coding practices and development standards.
- Develop and maintain security frameworks, policies, procedures, standards, guidelines, RACI matrices, and security KPIs/KGIs.
Required Qualifications
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field.
- 3+ years of experience in Application Security, DevSecOps, or Secure Software Engineering.
- Strong experience with CI/CD security integration and automation.
- Hands on experience with GitLab, Azure DevOps, CloudBees, Jenkins, or similar platforms.
- Strong understanding of OWASP Top 10, Secure SDLC, and DevSecOps methodologies.
- Experience with cloud environments (AWS, Azure, or GCP).
- Experience with API security and container security.
Preferred Certifications
- At least one of: GIAC Cloud Security Automation (GCSA), GIAC Defensible Security Architecture (GDSA), DevSecOps Foundation/Professional, CSSLP, Certified Kubernetes Security Specialist (CKS), Microsoft AZ 400, AWS Certified DevOps Engineer – Professional.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at SIGMA
Senior Voice Engineer (VoIP/IP Telephony)
Riyadh, KSA
SIGMA is seeking a Senior Voice Engineer with 6+ years of experience in VoIP/IP Telephony to support Cisco Unified Communications and DGVOX integration with SITA airport systems in Riyadh. The role involves installation,
Penetration Testing Engineer
Jeddah, KSA
SIGMA seeks a Penetration Testing & Secure Code Review Specialist for a semi-government entity in Jeddah. The role involves identifying security vulnerabilities through penetration testing, performing secure code reviews
Penetration Tester Specialist
Jeddah, KSA
A leading Semi-Government Entity in Jeddah seeks a Penetration Testing & Secure Code Review Specialist to identify security vulnerabilities and improve security posture. The role involves web, mobile, API, and network pe
Senior PAM Engineer
Riyadh, KSA
SIGMA is seeking a Senior PAM Engineer with BeyondTrust expertise for a short-term cybersecurity project in KSA. The role involves deploying, configuring, and supporting BeyondTrust PAM solutions including Password Safe
Senior Cybersecurity Assurance ( Configuration Review & Vulnerability assessments) Specialist
Jeddah, KSA
SIGMA seeks a Senior Cybersecurity Assurance Specialist to lead security assurance activities including configuration reviews, vulnerability assessments, and compliance gap analysis across DLP, XDR, PAM, WAF, Linux, and
Senior Cybersecurity Assurance ( Configuration Review & Vulnerability assessments) Engineer
Jeddah, KSA
SIGMA is seeking a Senior Cybersecurity Assurance Specialist to lead security configuration reviews, vulnerability assessments, and compliance gap analyses. You will work with DLP, XDR, PAM, WAF, and other security platf
Cybersecurity Assurance ( Configuration Review & Vulnerability assessments) Specialist
Jeddah, KSA
SIGMA seeks a hands-on Senior Cybersecurity Assurance Specialist to lead security assurance activities including configuration reviews, vulnerability assessments, and compliance gap assessments. Requires deep technical e
Cybersecurity Assurance Engineer
Jeddah, KSA
Senior Cybersecurity Assurance Specialist Role Overview We are seeking a highly skilled and hands-on Senior Cybersecurity Assurance Specialist to lead security assurance activities across critical cybersecurity technolog
Senior Voice Engineer (VoIP/IP Telephony)
Riyadh, KSA
Penetration Testing Engineer
Jeddah, KSA
Penetration Tester Specialist
Jeddah, KSA
Senior PAM Engineer
Riyadh, KSA
Senior Cybersecurity Assurance ( Configuration Review & Vulnerability assessments) Specialist
Jeddah, KSA
Senior Cybersecurity Assurance ( Configuration Review & Vulnerability assessments) Engineer
Jeddah, KSA
Cybersecurity Assurance ( Configuration Review & Vulnerability assessments) Specialist
Jeddah, KSA
Cybersecurity Assurance Engineer
Jeddah, KSA