Principal DevSecOps Engineer

Become a key player in our Information Security team as a Principal DevSecOps Engineer, where you will leverage your expertise in application security, security engineering, and software development to support and enhance our inline code testing and reporting processes. This role involves the implementation and administration of application security tooling, integration into CI/CD pipelines, and providing support for development teams using these products and consuming their findings. Implementing and maintaining Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify code and dependency vulnerabilities during the software development lifecycle. Acting as the first line of support for users by helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests. Integrating security tooling with Continuous Integration/Continuous Deployment (CICD) pipelines. Developing detailed reports on security findings and remediation efforts.