DevSecOps Engineer
TrueML
About the role
Role Overview
TrueML is seeking a DevSecOps / Sr. Security Engineer to lead security integration across the SDLC. The role blends engineering, cloud infrastructure, and application security—driving automation, scalability, and secure-by-default development practices.
Responsibilities
Security Automation & CI/CD Integration (Core)
- Embed security controls and scanners into CI/CD pipelines (SAST, SCA, DAST, IaC, Container Security).
- Design and maintain automated security workflows across build, test, and deploy stages.
- Implement security gates, policy enforcement, and compliance checks within pipelines.
- CI/CD tooling: GitHub Actions, Jenkins, GitLab CI, Azure DevOps.
Cloud Security (AWS Focus)
- Secure cloud-native architectures on AWS: IAM, VPC, ECS/EKS, Lambda, S3, API Gateway.
- Operationalize CNAPP/CSPM tooling (e.g., Wiz, Prisma Cloud).
- Enforce least privilege, secrets management, and runtime protections.
- Define and maintain security policies for AWS, with emphasis on EKS/ECS and serverless (Lambda).
- Automate compliance via real-time monitoring and remediation to stay audit-ready (e.g., PCI, ISO 27001).
- Lead threat modeling and convert risks into actionable engineering plans.
Guard Infrastructure & AI Security
- Secure Infrastructure as Code templates (Terraform/CloudFormation) and manage cloud primitives (IAM, KMS, WAF).
- Develop security standards for Generative AI and use AI-powered tools to explore/defend against AI-driven threats.
What You Bring
- 7–10 years in software engineering, DevOps, or cloud engineering.
- 3+ years in a DevSecOps-focused role.
- Deep mastery of cloud security, vulnerability analysis, and incident response.
- Strong AWS expertise and ability to secure Terraform and containerized environments.
- Top-tier security certifications (e.g., CISSP, SANS GIAC, CASP) plus understanding of PCI and ISO 27001.
- Familiarity with OWASP and modern security tooling; ability to secure API integrations and data protection layers.
- Awareness of evolving AI regulations and curiosity about how threat actors use AI to bypass controls.
- Strong collaboration skills; ability to translate complex InfoSec work into clear, maintainable engineering tasks.
About TrueML
TrueML is a mission-driven financial software company focused on improving digital-first experiences for distressed borrowers. It uses machine learning to personalize engagement and adapt strategies in real time based on customer interactions, aiming to help ensure people are not locked out of the financial system. The team blends data science, financial services expertise, and customer experience to build secure, scalable technology.
Scraped 6/17/2026