Full-Time Staff DevSecOps Engineer

BeyondTrust is a place where you can bring your purpose to life through the work that you do, creating a safer world through our cyber security SaaS portfolio. Our culture of flexibility, trust, and continual learning means you will be recognized for your growth, and for the impact you make on our success. You will be surrounded by people who challenge, support, and inspire you to be the best version of yourself.

The Role As a Staff DevSecOps Engineer, you will help develop and implement our Engineering team’s DevSecOps strategy, with a strong focus on Static Application Security Testing (SAST) and CI/CD tooling. You will architect, implement, and scale security practices across our software development lifecycle, enabling secure and seamless deployments while maintaining compliance and governance standards. This role demands technical leadership, collaboration across teams, and a deep understanding of DevOps, security, and software development workflows.

What You’ll Do

• Develop best practices and tooling for implementing a DevSecOps approach that helps secure BeyondTrust’s CI/CD while enabling our Engineering teams to adopt these approaches seamlessly.
• Collaborate with cross-functional teams, including application security engineers, Engineering leadership, software engineers, SREs, and product managers, to drive secure development initiatives.
• Secure our codebases and pipelines from misuse, bad coding practices, vulnerable dependencies, and exposed secrets.
• Develop and implement tooling for Static Application Security Testing (SAST) along with improving analytics in Github Security Centre.
• Implement a robust end-to-end process in partnership with Application Security teams for Code Scanning, Secret Scanning, and Dependency Reviews.
• Establish and enforce policies for secure code development and vulnerability management.
• Automate remediation workflows to streamline vulnerability fixes and improve code quality.
• CI/CD Tooling and Pipeline Security Design and enhance secure CI/CD pipelines to ensure secure, automated, and reliable software delivery. Implement guardrails and security checks (e.g., static/dynamic analysis, software composition analysis) into CI/CD pipelines. Standardize and optimize tools like Jenkins, GitHub Actions, Azure DevOps, or other CI/CD platforms.
• Security by Design Champion secure coding practices and lead efforts to embed security in all stages of the SDLC. Collaborate with development teams to identify and mitigate risks early in the development lifecycle. Provide technical leadership for implementing industry best practices in application security and cloud-native environments.
• Automation and Infrastructure Security Develop and manage infrastructure-as-code (IaC) security processes. Automate security tasks, including testing, monitoring, and alerting for potential threats. Drive continuous improvement through automated patch management and dependency updates.
• Compliance and Governance Ensure CI/CD and GitHub workflows comply with regulatory requirements (e.g., SOC 2, GDPR). Develop and maintain metrics and reporting to demonstrate the Engineering teams’ security program effectiveness.
• Leadership and Collaboration Serve as a subject-matter expert and mentor for engineers on DevOps and DevSecOps principles and tooling. Lead incident response and forensic investigations related to DevSecOps environments.

What is the last date for applying to the job?

Which countries are accepted for this remote job?