DevSecOps Engineer

About the Company Sycomp is a global IT services and logistics provider with extensive expertise in cloud, data center, endpoint management and security solutions. Sycomp’s diverse team of consultants and engineers deliver on the company’s mission to tackle challenging global IT projects through its state-of-the-art integration and warehouse centers and global technology partnerships. Headquartered in the heart of Silicon Valley, California, Sycomp has successfully shipped, deployed and managed complex IT projects and supporting assets in more than 150 countries helping its Fortune 500 customers and global partners realize a world without boundaries. Job Summary: We are seeking a highly experienced and technically skilled DevSecOps Engineer to implement secure development and deployment practices across our organization. This role combines hands-on engineering with strategic leadership, ensuring that security is seamlessly integrated into our DevOps culture, toolchains, and cloud infrastructure. The ideal candidate will bring a strong background in software security, automation, and modern DevOps practices, and will be able to influence architecture, culture, and process across development and operations teams. Key Responsibilities: Leadership & Strategy - Define and drive the organization's DevSecOps vision and roadmap. - Act as the technical authority and advisor for all security-related aspects of the CI/CD pipeline. - Collaborate with Engineering, Security, and Operations teams to embed security into all stages of the SDLC. - Champion a “security as code” mindset and lead secure software delivery practices. - Mentor DevSecOps engineers, security champions, and cross-functional stakeholders. DevSecOps Implementation - Design and implement automated security controls and pipelines (SAST, DAST, SCA, IaC scanning, secrets detection). - Develop and enforce security guardrails, policies, and compliance requirements in CI/CD workflows. - Automate vulnerability scanning and management, and integrate remediation into development cycles. - Threat modeling, secure design reviews, and architecture assessments for new projects. Cloud & Infrastructure Security - Drive secure cloud adoption strategies and implement security baselines for cloud infrastructure (Azure, Adobe, AWS) containers, and serverless functions. - Ensure compliance with industry standards (NIST, OWASP, ISO 27001, SOC 2) and regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS). Security Automation & Tooling - Evaluate and integrate cutting-edge DevSecOps tools. - Develop custom tooling where appropriate to support secure delivery and threat detection. - Establish and monitor security KPIs and SLAs across platforms. Incident Readiness & Collaboration - Support incident response processes and contribute to forensic analysis and RCA. - Act as the bridge between security operations and development teams. - Lead or participate in security assessments, audits, and red/blue team exercises. Required Qualifications: - 6+ years of hands-on experience in DevOps, security engineering, or software development roles, with at least 2 years in a senior or lead DevSecOps role. - Strong knowledge of CI/CD platforms (GitLab CI, GitHub, Jenkins, Azure DevOps, WebShpere, Web Logic, IIS, Tomcat, Apache, MuleSoft, Maven, ANT, NPM tools, Azure Cloud, Azure Data Factory, Azure Databricks, Adobe Experience Manager, Power Apps, Power Automate, Power BI, Microsoft Fabric, Microsoft Copilot Studio experience, Infrastructure as Code, Kubernetes AKS, etc.). - Hands-on experience with security testing tools (e.g., SonarQube, Veracode, Checkmarx, Trivy, OWASP ZAP, Burp Suite). - Proficient with cloud-native security in AWS, Azure, Adobe . - Deep understanding of container security, Kubernetes, and IaC (Terraform, Ansible, CloudFormation). - Strong scripting or development experience (Python, Bash, PowerShell, Go, etc.). - Excellent leadership, mentoring, and stakeholder management skills. - Knowledge of agile/DevOps methodologies and enterprise SDLC best practices. Sycomp is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status, veteran status, or any other protected characteristic. Sycomp will provide reasonable accommodation for qualified individuals with disabilities as needed. If you need assistance or an accommodation in applying, please contact our Human Resources Department at hr@sycomp.com.