DevSecOps Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Quzara LLC · 1 day ago

DevSecOps Engineer

positionUnited States
timeFull-time
remoteRemote
seniorityMid, Senior Level
date3+ years exp

Quzara LLC is seeking a DevSecOps Engineer (Detection & Pipeline Security) who will manage secure CI/CD pipelines and ensure detection logic is deployed and maintained. The role involves operationalizing security practices within the development lifecycle and collaborating with engineering and SOC teams.

Internet
badNo H1BnoteU.S. Citizen Onlynote

Responsibilities

Manage the Detections as Code (DaC) lifecycle for threat detection logic using KQL or Sigma formats, implementing version control (Git) and automated deployment pipelines
Harden and maintain Azure DevOps (ADO) pipelines, agents, and related CI/CD workflows for both software and detection releases in high-compliance environments
Administer and secure the Azure Container Registry (ACR), ensuring containers are scanned, patched, and aligned to STIG compliance prior to production deployment
Implement Shift Left security techniques by integrating SAST, DAST, and compliance scans directly into build pipelines to identify vulnerabilities early
Partner with the Threat Intelligence and SOC teams to automate deployment of detection content, hunting queries, and analytics into Microsoft Sentinel and related tools
Build and maintain secure CI/CD templates, YAML pipelines, and secrets management for infrastructure, detection logic, and application components
Provide audit evidence and documentation to support FedRAMP, FISMA, and CMMC continuous monitoring efforts
Stay current with container, cloud, and CI/CD security innovations and implement them in real-time across production systems
Other duties as assigned

Qualification

DevSecOps experienceCI/CD pipelines managementAzure DevOpsContainer securityKQLSAST/DAST integrationCompliance frameworksCollaboration skillsDocumentation skills

Required

U.S. Citizen (Required)
Prior experience in a DevSecOps or Security Engineering role is required (Candidates must have both DevOps experience and security background)
3–5+ years' experience managing CI/CD pipelines within cloud-native environments (Azure DevOps strongly preferred)
Hands-on experience deploying and managing containerized workloads (Docker, Kubernetes) in a secure and scalable way
Advanced knowledge of Azure DevOps, Azure Kubernetes Service (AKS), Azure Container Registry, and Microsoft Sentinel/KQL
Demonstrated experience integrating security tooling into DevOps pipelines (SAST/DAST, policy-as-code, IaC validation, etc.)
Strong familiarity with compliance frameworks such as FedRAMP, CMMC, or FISMA, and their technical enforcement in the SDLC

Preferred

Microsoft Certified: DevOps Engineer Expert (AZ-400)
Microsoft Certified: Azure Security Engineer Associate (AZ-500)
Additional certifications such as SC-200 (Security Operations Analyst) or Kubernetes Security Specialist (CKS) are a plus

Company

Quzara LLC

twittertwittertwitter
company-logo
Quzara is a DC-Based Cybersecurity firm. We are US Government SBA 8(a) Certified, WOSB and GSA HAC SINS approved in every category.
dateFounded in 2015
location
Vienna, Virginia, USA
people-size11-50 employees
web-link
https://www.quzara.com

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
Saif Rahman
CEO - Cloud Security, Architecture, XDR
linkedin

Recent News

PR Newswire
Quzara Cybertorch™ Achieves FedRAMP® High Authorization
2025-12-17
PR Newswire
Quzara LLC Awarded GSA Highly Adaptive Cybersecurity Services (HACS) SIN for Incident Handling & Emergency Management (IHEM)
2025-09-23
Quzara LLC and Cybertorch Named to MSSP Alert's 2024 List of Top 250 MSSPs
2024-10-26
Company data provided by crunchbase