Application Security​/DevSecoOps Engineer

Description

The client is revamping their Dev Ops practice and building a future state 3–5 year roadmap. Within this roadmap they will be migrating from Azure ADO to Git Hub for CI/CD. During this maturity program they are hiring a Dev Sec Ops  Engineer to ensure a security‑first mindset. This resource will be working under the Security Team assisting to build the framework and self‑service model for Dev Ops Engineers.

This includes but is not limited to:

• Champion Secure‑by‑Design and Defense‑in‑Depth principles throughout the software development lifecycle
• Apply OWASP (e.g., Top 10, ASVS) and MITRE ATT&CK/CWE frameworks to evaluate and communicate threats and control gaps
• Code Review
• SAST and SCA Auditing
• CNAPP Auditing
• Integration of Scanning Tools into CI/CD Pipeline
• Act as SME in various cross‑functional team calls
• Prioritization of backlog and sprint selection for security items

The Application Security Engineer plays a crucial role in overseeing the security of development operations (Dev Sec Ops ) for the organization. Reporting directly to the Deputy CISO and with key relationships to the Development Operations and IT Operations teams, this role provides engineering, analytical and operational expertise across a range of AWS and Azure services and other cloud‑based security solutions.

• Security oversight of the continuous delivery, continuous integration (CI/CD) pipeline
• Combination of static and dynamic application security testing (SAST/DAST), to identify code bugs and application issues
• Software composition analysis (SCA) to track all open‑source components in the developer's code base
• Threat modelling to identify architectural design faults and potentially exposed targets of attack
• Evaluate and advise on service deployment into a microservices architecture (Kubernetes), and operational functions relative to security best practices and compliance requirements
• Maintain security issue tracking and reporting using Azure Dev Ops (ADO) currently prior to moving to Git Hub
• Develop and maintain documentation of target state designs and security roadmaps

• Application security
• Penetration testing

Application security

Prefer experience in:

• Reading/reviewing .NET/C#, JavaScript/Type Script
• Azure or AWS Cloud
• Azure Dev Ops or similar SCM / bug tracking
• SAST / SCA technologies
• CNAPP or other cloud posture tools (CSPM)
• Manual security testing (penetration testing) of web applications (Burp Suite)

Expert Level

This is a Contract position based out of Oakbrook Terrace, IL.

The pay range for this position is $10.00 – $10.00/hr.

Benefits (subject to eligibility and program terms):

• Medical, dental & vision
• Critical Illness, Accident, and Hospital
• 401(k) Retirement Plan – Pre‑tax and Roth post‑tax contributions available
• Life Insurance (Voluntary Life & AD&D for the employee and dependents)
• Short and long‑term disability
• Health Spending Account (HSA)
• Transportation benefits
• Employee Assistance Program
• Time Off/Leave (PTO, Vacation or Sick Leave)

This is a hybrid position in Oakbrook Terrace, IL.

This position is anticipated to close on Feb 14, 2026.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.