
AppSec & DevSecOps Engineer

Job in New York, New York County, New York, 10261, USA
Listing for: Public Partnerships | PPL
Full Time position
Listed on 2026-01-10
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly
Job Description & How to Apply Below
Location: New York

Public Partnerships LLC supports individuals with disabilities or chronic illnesses and aging adults, to remain in their homes and communities and “self” direct their own long‑term home care. Our role as the nation’s largest and most experienced Financial Management Service provider is to assist those eligible Medicaid recipients to choose and pay for their own support workers and services within their state‑approved personalized budget.

We are appointed by states and managed healthcare organizations to better serve more of their residents and members requiring long‑term care and ensure the efficient use of taxpayer funded services. Our culture attracts and rewards people who are results‑oriented and strive to exceed customer expectations. We desire motivated candidates who are excited to join our fast‑paced, entrepreneurial environment, and who want to make a difference in helping transform the lives of the consumers we serve.

Job Title: Application Security (AppSec) and DevSecOps Engineer

Location: US (preference given to New York and New Jersey)

Job Type: Full‑time

Job Summary

We are seeking an experienced and proactive Application Security (AppSec) and DevSecOps Engineer to embed security throughout the software development lifecycle and CI/CD pipelines. You will collaborate with development, operations, and security teams to design, implement, and maintain security best practices in our applications and infrastructure. This role ensures our systems are secure by design and compliant with industry standards, including HIPAA, SOC 2, OWASP, NIST 800‑53, and NIST SSDF.

Key Responsibilities
  • Secure SDLC Integration
    • Integrate security at every phase of the software development lifecycle.
    • Collaborate with engineering and product teams in Agile/Scrum environments to prioritize, track, and remediate security issues during sprint cycles.
    • Develop and maintain threat models and perform design reviews.
    • Lead threat modeling sessions and conduct in‑depth security architecture reviews.
    • Educate development teams on secure coding practices.
    • Contribute to secure backlog grooming and definition of security‑related user stories and acceptance criteria.
    • Actively support the organization’s secure software development lifecycle (SDLC) initiatives by integrating security controls, processes, and testing into development workflows and CI/CD pipelines.
    • Integrate security testing tools (SAST, DAST, SCA, IaC scanning) into CI/CD pipelines.
    • Automate security checks to ensure continuous compliance and early detection.
    • Ensure integration of security scanning outputs into ticketing systems and development workflows for traceable remediation.
  • Application Security
    • Perform and manage vulnerability assessments, code reviews, and penetration testing.
    • Lead application‑level penetration testing efforts, both internally and with external vendors.
    • Remediate findings by working closely with developers and product teams.
    • Facilitate and track remediation activities as part of security sprints.
    • Monitor and manage third‑party/open‑source dependencies for known vulnerabilities.
    • Conduct security code reviews using both automated and manual analysis techniques.
  • Infrastructure & DevSecOps
    • Secure containerized environments (Docker, Kubernetes).
    • Ensure cloud infrastructure security (AWS/GCP/Azure) using infrastructure‑as‑code (IaC) tools like Terraform or CloudFormation.
    • Implement secrets management, identity and access control, and other cloud‑native security features.
  • Governance & Compliance
    • Contribute to security policies, standards, and compliance efforts (e.g., ISO 27001, SOC 2, NIST 800‑53, GDPR).
    • Ensure application security controls comply with HIPAA Security Rule safeguards (e.g., access control, audit logging, encryption).
    • Support documentation and evidence collection for SOC 2 Type II audits and HIPAA security risk assessments.
    • Map security activities and controls to NIST 800‑53 and NIST SSDF frameworks.
    • Support audit activities and create documentation for security controls.
Required Qualifications
  • Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
  • 3–5+ years of experience in AppSec, DevSecOps, or…