Senior DevSecOps Engineer

Dice is the leading career destination for tech experts at every stage of their careers. Our client, PY DATA, INC., is seeking the following. Apply via Dice today! Senior DevSecOps Engineer Hybrid - Greensboro, NC 1.5 4 years, long term contract 2 positions Must haves: • Strong development background (MOST important) Must be able to code and speak at a developer level, Preferred: Java, Python • Application security experience OWASP Top 10-level understanding expected Ability to explain vulnerabilities deeply (not just tool usage) Role Overview Our organization is seeking two DevSecOps Engineers for the Technology Risk Office s Application Security team. This role is responsible for conducting security assessments across all applications, including web, mobile, and APIs. The position functions as a consultative partner to developers, focusing on explaining security issues, guiding remediation, and integrating security tools within the CI/CD pipeline. This is a contract-to-hire opportunity. Key Responsibilities • Review vulnerabilities identified by security tools and work directly with development teams to explain issues and guide remediation efforts. • Engage in hands-on development and scripting to create and maintain tool integrations within the security ecosystem. • Support end-to-end application security services, including intake, assessment scoping, and application team engagement. • Conduct SAST, SCA, DAST, API security, and mobile security assessment activities, including onboarding, validation, reporting, and remediation guidance. • Assist in reducing the application security backlog and improve vulnerability management by working with application teams on findings and closure. • Enable stronger security throughout the software development lifecycle through automated, developer-friendly security tools and processes. Required Qualifications Education: Bachelor s degree in Computer Science, Information Security, Cybersecurity, Information Technology, Engineering, or equivalent related experience. Experience: A strong development background is the most critical requirement. We are seeking candidates with a developer's mindset and coding ability. Experience levels are flexible, with roles available for candidates with 3+ years and 6+ years of relevant experience in application security, DevSecOps, or software development. Technical Skills: • Demonstrated ability to code and communicate at a developer level, preferably with experience in Java or Python. • Experience with Application Security, secure SDLC, and DevSecOps principles within CI/CD pipelines. • Knowledge of security testing (SAST, SCA/OSCA, DAST), API security, and vulnerability validation. • Familiarity with tools such as GitHub, Jira, and Jenkins. • Understanding of cloud security concepts and REST/SOAP APIs. • Strong communication skills to explain vulnerabilities, risk, and remediation clearly to developers and stakeholders.