Senior DevSecOps / Application Security Engineer

Fenton Cary, NC


Apply Save

Type: Permanent

Category: DevOps

Industry: Communications

Reference ID: JN -052026-107083

Date Posted: 05/21/2026

Shortcut: http://careers.eliassen.com/JRz3Rm


Description:

Onsite in Fenton Cary, NC

We are seeking a Senior DevSecOps / Application Security Engineer to join a modern Information Security organization supporting rapidly evolving development environments. This role sits at the intersection of application security, developer enablement, and automation, with a strong mandate to embed security directly into how software and AI-driven solutions are built, tested, and deployed.


As a senior technical contributor, you will focus on securing code, development pipelines, and AI-enabled applications while helping establish governance and standardized security controls across teams that are increasingly writing and deploying their own code. This is a hands-on role for someone who can both build and advise—balancing strong security controls with developer efficiency and delivery velocity.


This is a full-time, permanent opportunity, offering a competitive salary and comprehensive benefits package. Qualified applicants must be willing and able to work on a w2 basis.

Salary: $122,000 - $145,000/ yr. w2 + benefits


Responsibilities:
  • Embed security controls into application development workflows, CI/CD pipelines, and code repositories
  • Support and guide developers on secure coding practices and secure build processes
  • Drive automation and policy-as-code to enforce security requirements consistently
  • Secure modern, AI-enabled applications and assess risks introduced by AI in development workflows
  • Improve security prioritization and efficiency through automation and intelligent tooling
  • Design and implement secure CI/CD pipelines with automated controls such as:
    • Static and Dynamic Application Security Testing (SAST/DAST)
    • Software Composition Analysis (SCA)
    • Secrets scanning and code integrity checks
    • Infrastructure-as-Code (IaC) and container image scanning
  • Secure code repositories by enforcing:
    • Branch protections and access controls
    • Commit signing, code integrity, and version control governance
  • Prevent insecure code usage or data exposure (e.g., sensitive data pushed to public repositories)
  • Implement and maintain policy-as-code frameworks to enforce security standards automatically
  • Secure the software supply chain, including:
    • Dependency validation
    • SBOM generation
    • Validation of third-party and purchased software
  • Establish standardized security guardrails as more teams begin building and deploying code
  • Ensure data is encrypted at rest and handled securely across development environments
  • Partner with identity and data protection teams to strengthen:
    • Identity and access controls (IAM)
    • Data Loss Prevention (DLP) practices within development workflows
  • Evaluate risks introduced by AI in software development and application design
  • Help define and implement controls for secure AI-driven applications
  • Leverage AI to enhance security monitoring, prioritization, or automation
  • Interest in candidates who can write code and potentially build secure prompting or automation solutions

Experience Requirements:
  • 7+ years of experience in DevSecOps, application security, security engineering, or platform engineering
  • Experience with cloud-native and modern development environments, including containers and infrastructure-as-code
  • Strong scripting or automation experience (e.g., Python, PowerShell, Bash)
  • Proven ability to translate security requirements into scalable, automated technical controls
  • Practical experience with repository platforms such as GitHub, GitLab, Azure DevOps, or Bitbucket and related security governance.
  • Deep experience with containers (Docker), Kubernetes, and IaC tools including Terraform, ARM, and AWS CloudFormation.
  • Strong understanding of software supply chain security, dependency management, and SBOM practices.
  • Experience implementing policy-as-code using Azure Policy, AWS Config, OPA, or similar tools.
  • Proficiency with scripting and automation such as Python, PowerShell, and Bash and DevOps tooling like Jenkins, GitHub Actions, and Azure Pipelines.
  • Strong understanding of SDLC and operationalizing controls in engineering environments.

Requires: Strong hands-on experience securing:

  • Code repositories (e.g., GitHub, GitLab, Azure DevOps)
  • CI/CD pipelines and developer platforms
  • Approximately 5% travel.

Education Requirements:

Bachelor’s degree in Computer Science, Engineering, Information Security, or a related field (or equivalent practical experience)


Recruitment Transparency Notice
 
Eliassen Group values transparency in our recruitment practices. Please be advised that Eliassen Group utilizes artificial intelligence (AI) tools as part of its initial application screening and hiring process. You may receive email and SMS notifications from the Eliassen Virtual Recruiting Team (noreply@eliassen.com, 781-808-2924) inviting you to complete a brief voice screening as part of your application process. These tools assist our hiring teams in different ways, including but not limited to, assistance in reviewing application materials to help identify candidates whose qualifications most closely match the requirements of the position. All AI-assisted evaluations and responses are reviewed by human recruiters before any hiring decisions are made. The use of AI in our process is intended to support fairness, efficiency, and consistency, and Eliassen Group takes measures to prevent bias or discrimination in connection with its hiring practices. By proceeding, you acknowledge, agree, and consent to Eliassen Group’s use of these tools, including AI tools, as part of the application and hiring process.
 

Skills, experience, and other compensable factors will be considered when determining pay rate. The pay range provided in this posting reflects a W2 hourly rate; other employment options may be available that may result in pay outside of the provided range.

W2 employees of Eliassen Group who are regularly scheduled to work 30 or more hours per week are eligible for the following benefits: medical (choice of 3 plans), dental, vision, pre-tax accounts, other voluntary benefits including life and disability insurance, 401(k) with match, and sick time if required by law in the worked-in state/locality.
If anyone reaches out to you about an open position connected with Eliassen Group, please ensure that you are working directly with us by confirming the following:

· When you work with Eliassen Group, all email communication will come from an Eliassen.com address, never Gmail, Yahoo, etc.

· Eliassen Group will never ask you for personal information (home address, bank account, or check routing number) until you have worked with someone clearly associated with Eliassen Group.

If you have any indication of fraudulent activity, please contact fraud@eliassen.com.

 
About Eliassen Group:
 
Eliassen Group is a strategic consulting firm that helps organizations reach further and achieve more through our technology, business advisory, and life sciences solutions. For nearly 40 years, we have combined exceptional people, deep domain expertise, and intelligent capabilities to expand our clients’ capacity and accelerate meaningful outcomes. We are driven by a purpose to positively impact the lives of our employees, clients, consultants, and the communities we serve.
 
Eliassen is committed to building a diverse and inclusive team from a variety of backgrounds, perspectives, and skills. We are an Equal Opportunity and Affirmative Action Employer and all employment decisions are based on merit, performance, and business needs. Eliassen does not discriminate on the basis of race, color, gender identity or expression, sexual preference or orientation, sex (including pregnancy, childbirth, and related medical conditions), marital status, creed, religion, physical or mental disability, genetic information, military or veteran status, age, ancestry, national origin, citizenship status, prohibited criminal record inquiries of applicants and employees, or any other category protected by federal, state, or local laws.
 
Don’t miss out on our referral program! If we hire a candidate that you refer us to then you can be eligible for a $1,000 referral check!
 

  • Sr. DevSecOps Engineer

     washington, DC

    Description: Onsite in washington, DC Our client seeks a Sr. DevSecOps Engineer to design, secure, and operate CI/CD pipelines and cloud infrastructure across classified environments. You will lead automation with GitLab CI, Jenkins, and Infrastructure...

    Date Posted: 04/23/2026 Recommended

  • Software Engineer - Data/Opensearch

     Charlotte, NC

    Description: Hybrid in Charlotte, NC Our client seeks a senior software engineer to build and operate the software, data, and metadata foundations of a Data Marketplace platform. The role focuses on Python services, AWS infrastructure automation with T...

    Date Posted: 05/03/2026 Recommended

  • Principal AWS Cloud Developer

     Westlake, TX

    Description: Hybrid Every other week onsite/5 days in Westlake, TX Our client seeks a Principal Cloud Developer to build scalable backend services and modernize mainframe capabilities that support digital experiences in financial planning, investing, a...

    Date Posted: 05/02/2026 Recommended

  • Full Stack Engineer

     Westlake, TX

    Description: Onsite in Westlake, TX Our client seeks a Full Stack Engineer to design and develop scalable products and APIs that support digital client and advisor appointment experiences. You will contribute to a resilient content platform within the ...

    Date Posted: 05/06/2026 Recommended

  • Principal iOS Engineer – Testing Specialist

     Merrimack, NH

    Description: Hybrid Every other week onsite/5 days in Merrimack, NH The organization seeks a Principal iOS Engineer focused on testing to build high-quality mobile experiences across iPhone, iPad, and wearables. The role will design, develop, and test ...

    Date Posted: 04/27/2026 Recommended

  • Sr. Software Developer II

     Washington dc, DC

    Description: Onsite in Washington dc, DC The organization seeks a Sr. Software Developer II to deliver secure and reliable software for mission-critical federal systems. The role focuses on building and modernizing enterprise applications using C#, .NE...

    Date Posted: 05/15/2026 Recommended

  • AI Engineer

     Anywhere

    Description: Remote Our client seeks an AI-focused engineer to build backend services and AI agents that execute end-to-end business workflows. The role will design and deploy retrieval-augmented generation systems for AI-driven lookups across enterpri...

    Date Posted: 04/23/2026 Recommended

  • Sr. Site Reliability Engineer III

     Washington dc, DC

    Description: Onsite in Washington, DC our client seeks a Sr. Site Reliability Engineer III to design, automate, and operate mission-critical systems for federal environments. The role focuses on Kubernetes or VMWare platforms, CI/CD enablement, observa...

    Date Posted: 05/11/2026 Recommended

  • Information System Security Officer / Cybersecurity Engineer

     Aberdeen Proving Ground, MD

    Description: Onsite in Aberdeen Proving Ground, MD Our client seeks an Information System Security Officer / Cybersecurity Engineer to guide DoD RMF policy, requirements, engineering, and accreditation activities. The role manages eMASS entries, transl...

    Date Posted: 04/29/2026 Recommended

  • Distributed Database Cloud Engineering Consultant

     Westlake, TX

    Description: We’re seeking a Cloud Engineer to join a Distributed Database Platform team within the financial services industry. This team is composed of highly experienced engineers, and we’re intentionally looking for someone with solid, hands-on exp...

    Date Posted: 04/30/2026 Recommended

  • Senior Full Stack Engineer

     Merrimack, NH

    Description: Hybrid Onsite 5 days/week, alternating weeks in either Manchester, NH or Boston, MA or Irving, TX Our client seeks a Senior Full Stack Engineer to build omni-channel user experiences and platform capabilities that support retail Alternativ...

    Date Posted: 05/07/2026 Recommended

  • Mid Systems Engineer, CyberArk

     Washington, DC

    Description: Onsite in Washington, DC Our client seeks a Mid Systems Engineer, CyberArk, to support a Privileged Access Management program for a federal environment. The role will assist senior engineers with CyberArk deployment, operations, reporting,...

    Date Posted: 05/12/2026 Recommended

  • Senior Software Engineer in Test

     Durham, NC

    Description: Hybrid 2 weeks per month in either Durham, NC or Location to be confirmed Our client seeks a Senior Software Engineer in Test to design, develop, and maintain automated test suites for digital healthcare products. The role focuses on UI an...

    Date Posted: 04/23/2026 Recommended

  • AWS Cloud / GoLang Software Engineering Consultant

     Merrimack, NH

    Description: Hybrid 50% on site, locations available in North Carolina office, New Hampshire office, or our world class Texas office Our client seeks a customer-focused Software Engineer to help build and operate containerized services as well as authe...

    Date Posted: 05/12/2026 Recommended

  • Tier 1 Security Analyst

     Fenton Cary, NC

    Description: Onsite in Anaheim, CA Our client seeks a Tier 1 Security Analyst to monitor, alert, respond, and report on cyber threats targeting critical assets, systems, and data. The analyst will operate in a 24x7 SOC environment with shift rotations,...

    Date Posted: 05/03/2026 Recommended

  • Senior Automation Engineer

     Irving, TX

    Description: Hybrid 3 days onsite/2 days remote in either Irving, TX or Charlotte, NC or Minneapolis, MN or Chandler, AZ Our client seeks a contract engineer to accelerate an enterprise automation framework and unify the SD-Branch architecture. The rol...

    Date Posted: 05/21/2026 Recommended

  • Software Engineer

     San Diego, CA

    Description: Onsite in San Diego, CA Our client seeks a Software Engineer to support an onsite project at a Navy base in San Diego. The role will contribute to analysis, design, development, integration, and testing of cross-platform applications for L...

    Date Posted: 05/12/2026 Recommended

  • Tier 2 Senior Cyber Security Analyst

     Tustin, CA

    Description: Santa Ana, CA | Onsite at OC Data Center Our client seeks a Tier 2 Senior Cyber Security Analyst to support a 24x7x365 Security Operations Center. The analyst will create, tune, monitor, and investigate SIEM alerts and support incident res...

    Date Posted: 05/20/2026 Recommended

  • Senior Software Development Engineer

     San Diego, CA

    Description: Hybrid 2-3 days onsite in San Diego, CA Our client seeks a Senior Software Development Engineer to design, develop, test, and integrate cross-platform applications with a focus on C++ and Qt/QML on Linux and SQLite. The role will contribut...

    Date Posted: 05/09/2026 Recommended

  • Software Engineer in Test

     Merrimack, NH

    Description: Hybrid 2 weeks per month in either Merrimack, NH or RI Our client seeks a Software Engineer in Test to design and implement automated testing for complex applications. The role will build BDD-focused API and database tests, drive QA strate...

    Date Posted: 04/23/2026 Recommended

  • Senior Configuration Management Engineer

     herndon, VA

    Description: Onsite in herndon, VA Our client seeks a Senior Configuration Management Engineer to lead and mature CM practices for a globally distributed mission system spanning enterprise infrastructure, cloud services, and networks. The role will def...

    Date Posted: 05/10/2026 Recommended

  • Mid Java, Angular, Vue.js SW Eng

     Rockville, MD

    Description: Hybrid 3 days onsite / 2 days remote in Rockville, MD Our client seeks a full stack developer to build and maintain applications across UI, services, and data layers in a regulated financial context. The role requires proficiency with Java...

    Date Posted: 05/22/2026 Recommended

  • Senior Technical Lead – Emerging Technologies

     St. Louis, MO

    Description: Hybrid 3 days in office/week in St. Louis, MO Our client seeks a Senior Technical Lead to guide emerging retail technologies including in-store automation, digital shelf capabilities, and item integration. The role will lead solution desig...

    Date Posted: 05/16/2026 Recommended

  • Senior Front End Engineer

     Anywhere

    Description: Remote Our client seeks a Senior Front End Engineer to lead architecture and delivery of modern web platforms and digital products. The role combines hands-on engineering with technical leadership, code quality stewardship, and cross-funct...

    Date Posted: 05/20/2026 Recommended

  • Senior Java Software Developer

     Westlake, TX

    Description: Hybrid Every other week onsite/5 days in Westlake, TX Our client seeks a Senior Java Software Developer to build secure, scalable back-end services using Java, Spring Boot, and Spring Security. The role emphasizes API design and integratio...

    Date Posted: 05/11/2026 Recommended

  • Senior Platform / DevOps Engineering Consultant (Java / Kubernetes)

     Westlake, TX

    Description: 50% hybrid / on site in Westlake TX We are seeking a Senior Platform / DevOps Engineer to join a Platform Engineering team within a large financial services enterprise. This team builds and operates large-scale, cloud-native, event-driven ...

    Date Posted: 05/06/2026 Recommended

  • Systems Services & Support Consultant

     Westlake, TX

    Description: Hybrid Onsite 5 days/week, alternating weeks in either Westlake, TX or Merrimack, NH Our client seeks a Systems Services & Support Consultant to coordinate and execute SSH key rotations for external vendors and clients within the Electroni...

    Date Posted: 04/27/2026 Recommended

  • Senior Systems Analyst – IAM

     Smithfield, RI

    Description: Hybrid Every other week onsite/5 days in either Smithfield, RI, Covington, KY or Merrimack, NH The Senior Systems Analyst – IAM will deliver Identity and Access Management solutions with a focus on SailPoint and access governance. The role...

    Date Posted: 05/22/2026 Recommended

  • Sr. Solutions Architect III - Cyber

     Washington, DC

    Description: On-site in Washington, DC Our client seeks a Sr. Solutions Architect III - Cyber to design, implement, and manage scalable cybersecurity solutions across multiple domains. You will lead the implementation of a Security Operations Center an...

    Date Posted: 05/18/2026 Recommended

  • Senior Software Engineer – Java / Spring Boot / Azure

     Pittsburgh, PA

    Description: Hybrid 4 in Pittsburgh, PA Our client is building a secure, fault‑tolerant Azure platform for high‑volume data ingestion, ledger‑based recordkeeping, and analytics for a small internal user base. The role focuses on backend engineering wit...

    Date Posted: 05/03/2026 Recommended

Eliassen Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status. Eliassen Group’s Affirmative Action Plan (AAP) is available for inspection by any employee or applicant for employment upon request, during normal business hours of Monday through Friday, 8:30am to 5:30pm EST. Interested persons should contact Phaedra Wells at pwells@eliassen.com for assistance. It is unlawful in Massachusetts and Maryland to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

Applicants with disabilities that believe they require an accommodation or assistance with a position, please email our HR team at hradmin@eliassen.com. This email inbox is designed exclusively to assist job seekers whose disability prevents them from being able to apply online. Emails sent for other purposes will not receive a response.


Please be advised that a number of fraudulent job postings have been released under the Eliassen Group brand.

Unfortunately, fraudulent job postings can happen. If anyone reaches out to you about an open position connected with Eliassen Group, never provide personal or financial information to anyone who is not clearly associated with Eliassen Group

If anyone seemingly from Eliassen Group has ever requested this personal information in the past or does so in the future, please contact fraud@eliassen.com.

Please ensure that you are working directly with us by confirming the following:

  • When you work with Eliassen Group, all email communication will come from an Eliassen.com address, never Gmail, Yahoo, etc.
  • Eliassen Group will never ask you for personal information (home address, bank account, or check routing number) until you have worked with someone clearly associated with Eliassen Group, as indicated above