MeridianLink · 5 hours ago
DevSecOps Engineer
United States
Full-time
Remote
Entry, Mid Level
2+ years expMeridianLink is focused on safeguarding internal company data and client data through its operational, compliance, and application security programs. The DevSecOps Engineer will assess and enhance the security of applications and infrastructure while collaborating with development and engineering teams to meet security requirements.
BankingFinancial ServicesFinTechInformation Technology
Responsibilities
The DevSecOps Engineer will assist with user issues while working with SR. DevSecOps Engineers or other security personnel as needed
Participate in and support application security reviews and threat modeling, including code review and static/dynamic testing
Responsible for understanding and interpreting both business and technical requirements for creating secure applications and infrastructure
Responsible for the design and implementation of application security solutions that enforce security consistently across all applications and products
Conduct infrastructure assessments of cloud, network, and data services that support MeridianLink’s products
Design, develop, test, document, deploy, monitor, and support existing and new AppSec and SecOps tooling
Automate security testing and vulnerability management procedures where reasonable
Promote a proactive approach to addressing the changing threat landscape by recommending and implementing architectural improvements to security infrastructure
Collaborate with developers on secure code development best practices and strategies while implementing them into the SDLC
Collaborate cross-functionally to architect, develop, implement, and support automated static/dynamic testing within MeridianLink’s CI/CD pipelines
Act as the security team’s primary liaison to the development/software engineering teams and partner with them to remediate any identified risks, threats, or vulnerabilities
Perform automated and manual vulnerability assessments as needed and/or on a regular cadence, leveraging a wide variety of industry-standard tools, to identify and validate vulnerabilities in MeridianLink’s applications, cloud infrastructure, and endpoints
Assess new/proposed applications and provide guidance and subject matter expertise regarding any insecure architecture/design principles
Support and provide guidance in regulatory and compliance efforts/requirements as necessary
Act as a subject matter expert for secure coding practices, penetration testing, and all aspects of application and product security
Participate in the internal CSIRT on-call rotation and incident response as needed
Qualification
Required
Bachelor's degree and 2-4 years of related experience or equivalent work experience
1+ years of hands-on experience in implementing/maintaining CI/CD, security, and data pipelines
Hands-on experience in designing, securing, and delivering cloud applications and solutions within AWS, Azure, and GCP cloud platforms
Must have a solid understanding of DevSecOps pipelines and CI/CD integration, proven expertise in securing cloud infrastructure environments
Experience with threat modeling and deep understanding of application security vulnerabilities (SANS, OWASP Top 10)
Experience performing threat modeling and design reviews to assess security implications and requirements for new technologies
Someone who has worked in a DevSecOps environment preferred, with a thorough understanding of SDLC methodologies and experience securing APIs and web services
Experience with industry standard application and information security testing tools such as Kali Linux, Metasploit, Burp Suite, and WebInspect
Experience and understanding of infrastructure as code, automation, container security architecture, and orchestration tools
Experience in languages such as Python, C#, Java, PowerShell, and an understanding of modern web technologies and relationships between them
Experience performing static and dynamic code analysis (SAST/DSAT)
Expertise with strong knowledge of CI/CD pipelines covering source control, integration, and deployment
Experience securing cloud deployment and containers
Strong analytical/problem-solving skills and cross-functional knowledge across multiple development and security disciplines
Ability to communicate security-related concepts to a broad range of technical and non-technical staff
Preferred
Someone who has worked in a DevSecOps environment preferred, with a thorough understanding of SDLC methodologies and experience securing APIs and web services
Company
MeridianLink
MeridianLink is a digital lending platform that helps financial institutions through a configurable platform.
501-1000 employees
H1B Sponsorship
MeridianLink has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (14)
2024 (5)
2023 (1)
2022 (12)
2021 (11)
2020 (1)
Funding
Current Stage
Public CompanyTotal Funding
$570.51M2025-08-11Acquired
2024-09-26Post Ipo Secondary· $0.01M
2024-02-07Post Ipo Secondary· $85.5M
Leadership Team
Larry Katz
Chief Executive Officer
Elias Olmeta
Chief Financial Officer
Recent News
HousingWire.com
2026-01-09
Orange County Business Journal
2026-01-09
HousingWire.com
2026-01-07
Company data provided by crunchbase