Apply on Employer Site

Sycomp · 5 hours ago

DevSecOps Engineer (1099 contract/C2C)

United States

Contract

Remote

Senior Level, Lead/Staff

6+ years exp

Sycomp is a global IT services and logistics provider specializing in cloud, data center, endpoint management, and security solutions. They are seeking a highly experienced DevSecOps Engineer to implement secure development and deployment practices across the organization, ensuring that security is integrated into their DevOps culture and cloud infrastructure.

HardwareInformation TechnologySoftware

Growth Opportunities

H1B Sponsor Likely

Hiring Manager

Ana R. Billios

Responsibilities

Define and drive the organization's DevSecOps vision and roadmap

Act as the technical authority and advisor for all security-related aspects of the CI/CD pipeline

Collaborate with Engineering, Security, and Operations teams to embed security into all stages of the SDLC

Champion a “security as code” mindset and lead secure software delivery practices

Mentor DevSecOps engineers, security champions, and cross-functional stakeholders

Design and implement automated security controls and pipelines (SAST, DAST, SCA, IaC scanning, secrets detection)

Develop and enforce security guardrails, policies, and compliance requirements in CI/CD workflows

Automate vulnerability scanning and management, and integrate remediation into development cycles

Threat modeling, secure design reviews, and architecture assessments for new projects

Drive secure cloud adoption strategies and implement security baselines for cloud infrastructure (Azure, Adobe, AWS) containers, and serverless functions

Ensure compliance with industry standards (NIST, OWASP, ISO 27001, SOC 2) and regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS)

Evaluate and integrate cutting-edge DevSecOps tools

Develop custom tooling where appropriate to support secure delivery and threat detection

Establish and monitor security KPIs and SLAs across platforms

Support incident response processes and contribute to forensic analysis and RCA

Act as the bridge between security operations and development teams

Lead or participate in security assessments, audits, and red/blue team exercises

Qualification

DevSecOpsCI/CD platformsCloud securitySecurity testing toolsContainer securityScripting languagesStakeholder managementAgile methodologiesLeadership

Required

6+ years of hands-on experience in DevOps, security engineering, or software development roles, with at least 2 years in a senior or lead DevSecOps role

Strong knowledge of CI/CD platforms (GitLab CI, GitHub, Jenkins, Azure DevOps, WebShpere, Web Logic, IIS, Tomcat, Apache, MuleSoft, Maven, ANT, NPM tools, Azure Cloud, Azure Data Factory, Azure Databricks, Adobe Experience Manager, Power Apps, Power Automate, Power BI, Microsoft Fabric, Microsoft Copilot Studio experience, Infrastructure as Code, Kubernetes AKS, etc.)

Hands-on experience with security testing tools (e.g., SonarQube, Veracode, Checkmarx, Trivy, OWASP ZAP, Burp Suite)

Proficient with cloud-native security in AWS, Azure, Adobe

Deep understanding of container security, Kubernetes, and IaC (Terraform, Ansible, CloudFormation)

Strong scripting or development experience (Python, Bash, PowerShell, Go, etc.)

Excellent leadership, mentoring, and stakeholder management skills

Knowledge of agile/DevOps methodologies and enterprise SDLC best practices

Company

Sycomp

Sycomp is a global IT and logistics service provider with expertise in cloud, data center, endpoint management and security solutions.

Founded in 1995

Foster City, California, USA

501-1000 employees

http://www.sycomp.com

H1B Sponsorship

Sycomp has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)

Distribution of Different Job Fields Receiving Sponsorship

Represents job field similar to this job

Trends of Total Sponsorships

2025 (1)

2024 (6)

2023 (2)

2022 (1)