AI DevSecOps Senior Engineer

AI Dev Sec Ops  Senior Engineer

Anticipated End Date:

Location:

This role requires associates to be in-office 1-2 days per week. Alternate locations may be considered if the candidate resides within a reasonable commuting distance from an office. Candidates not within a reasonable commuting distance will not be considered unless an accommodation is granted as required by law.

Note: This position is not eligible for current or future VISA sponsorship.

• Lead the design and implementation of Dev Sec Ops  solutions integrated into CI/CD pipelines (Git Hub, Git Lab, Jenkins).
• Define and implement secure SDLC practices, including automated testing, threat modeling, and secure coding standards.
• Own and optimize CNAPP platforms (e.g., Wiz, Prisma Cloud) to improve cloud security posture and workload protection.
• Drive vulnerability management strategy, risk‑based prioritization, and integration into developer workflows.
• Integrate and tune App Sec tools (SAST, DAST, SCA, container scanning) for scalable pipeline adoption.
• Establish guardrails for AI‑generated code security, validating outputs and mitigating risks such as insecure code patterns and data exposure.
• Embed security controls into AI‑enabled applications and APIs, addressing emerging risks (prompt injection, model misuse).
• Partner with engineering teams to reduce vulnerability backlog and MTTR.
• Define KPIs and reporting for security posture, pipeline coverage, and risk reduction.
• Serve as a technical advisor and escalation point for complex security and integration challenges.
• Lead system and network architecture support for information and network security technologies.
• Lead development and execution of risk assessment methodologies tailored to business, regulatory, and technical environments.
• Lead development of requirements, system architecture, and software design of security products and services.
• Develop security incident response plans and strategies.
• Provide trouble resolution and serve as technical escalation point for complex problems.

• BS/BA in Information Technology or related field.
• Minimum 8 years of experience in systems administration and security aspects of information systems, including access management, network security technologies, network communications, computer networking, telecommunications, systems development and management, hardware, software, data, and people.
• Broad‑based experience planning and designing highly complex systems, or an equivalent combination of education and experience.

• Experience in Dev Sec Ops , Application Security, Cloud Security, or related fields.
• Hands‑on experience integrating security into CI/CD pipelines at scale.
• Experience with CNAPP platforms (e.g., Wiz, Prisma Cloud).
• Strong knowledge of application security (SAST, DAST, SCA, API security).
• Cloud security (AWS, Azure, or GCP).
• Containers & Kubernetes security.
• Vulnerability management and risk prioritization.
• Experience with automation, scripting, and infrastructure‑as‑code (IaC).
• Experience securing AI/LLM‑enabled applications or AI‑assisted development workflows.
• Familiarity with AI security risks (e.g., OWASP Top 10 for LLMs, prompt injection, data leakage).
• Experience with tools such as Snyk, Checkmarx, Veracode, Sonar Qube.
• Strong understanding of Dev Ops and Agile practices.
• Security certifications (e.g., CISSP, CCSP, CSSLP) preferred.

Elevance Health is an Equal Employment Opportunity employer, and all qualified applicants will receive consideration for employment without regard to age, citizenship status, color, creed, disability, ethnicity, genetic information, gender (including gender identity and gender expression), marital status, national origin, race, religion, sex, sexual orientation, veteran status or any other status or condition protected by applicable federal, state, or local laws.