Security Engineer - DevSecOps/Code Security

About This Role

Security Engineer - DevSecOps

We are seeking a highly skilled Security Engineer with strong software engineering foundations and deep expertise in secure development practices. The successful candidate will have hands-on experience with source code management, CI/CD pipelines, cloud-native environments, and secure code review processes. You will play a key role in identifying vulnerabilities, improving developer security practices, and embedding security into modern engineering workflows.

Required Skills & Experience

Technical Skills

* Expert-level knowledge of Git and modern version control workflows

* Strong frontend and backend development experience

* Hands-on application security experience in modern engineering environments

* Experience performing manual and automated secure code reviews

* Practical experience with Wiz Code

* Strong Python scripting and automation skills

* Experience with Kubernetes security and containerised environments

* Strong AWS cloud security knowledge

* Solid understanding of CI/CD pipelines and DevSecOps principles

* Familiarity with software engineering best practices and SDLC processes

Security Expertise

* Secure coding practices and vulnerability remediation

* OWASP Top 10 and common application security risks

* Static and dynamic application security testing concepts

* Secrets management and dependency security

* Threat modelling and risk analysis

Soft Skills

* Ability to communicate effectively with developers and engineering leadership

* Strong analytical and problem-solving skills

* Collaborative mindset with a pragmatic approach to security

* Ability to balance security requirements with engineering productivity

Preferred Qualifications

* Experience working in high-scale cloud-native environments

* Familiarity with Infrastructure as Code (Terraform, CloudFormation, etc.)

* Knowledge of container security and Kubernetes hardening

* Experience integrating security tools into developer workflows

Ideal Candidate Profile

You are someone who:

* Thinks like an engineer and understands developer challenges

* Can read, understand, and assess production-grade code

* Is comfortable working across security, infrastructure, and engineering teams

* Enjoy improving developer security practices through collaboration rather than gatekeeping

* Understands modern DevSecOps and cloud-native application architectures