Job Description
Dice is the leading career destination for tech experts at every stage of their careers. Our client, Kanshe Infotech, is seeking the following. Apply via Dice today!

Role: Application Security / DevSecOps Engineer (Python, AWS)

**Location:** Remote

**Key Skills:** AppSec | DevSecOps | Python | AWS | Security Scanning | Snyk | Wiz | SonarQube | Containers

**Overview**

We are seeking a highly technical **Application Security / DevSecOps Engineer** with deep experience securing modern cloud-native applications and containerized workloads. This role will focus on integrating security throughout the **software development lifecycle (SDLC)** while working closely with engineering and DevOps teams to identify, remediate, and prevent vulnerabilities across **AWS environments**.

The ideal consultant will be a **strong Python developer** with hands-on expertise in **security scanning platforms such as Snyk, SonarQube, and Wiz**, and will have experience securing **containerized workloads running in cloud environments**.

**Responsibilities**

Application Security & DevSecOps
• Embed security best practices into the CI/CD pipeline and software development lifecycle.
• Implement and manage application security scanning across code, dependencies, and containers.
• Perform SAST, SCA, and vulnerability analysis to identify and remediate security risks.
• Partner with engineering teams to prioritize and remediate vulnerabilities.

Security Scanning & Tooling
• Implement and manage security scanning tools including:
  • Snyk (SCA & SAST)
  • SonarQube
  • Wiz
• Automate scanning and policy enforcement within CI/CD pipelines.
• Develop reporting dashboards and remediation workflows.

Cloud & Container Security
• Secure containerized workloads running on AWS.
• Implement security best practices for Kubernetes, Docker, and serverless workloads.
• Monitor cloud security posture and address vulnerabilities across infrastructure and applications.

Development & Automation
• Build and maintain security automation using Python.
• Create scripts and tooling to automate vulnerability remediation, scanning, and reporting.
• Integrate security checks into build pipelines and deployment workflows.

Collaboration
• Work closely with DevOps, platform engineering, and application development teams.
• Provide guidance on secure coding practices and threat mitigation strategies.
• Assist in defining security architecture for new cloud-native applications.

**Required Skills**

Technical Skills
• Strong Python development experience.
• Application security experience in modern DevOps environments.
• Hands-on experience with Snyk (SCA & SAST).
• Experience with SonarQube and Wiz security platforms.
• AWS cloud security experience.
• Container security (Docker, Kubernetes).
• CI/CD security integration (GitHub Actions, Jenkins, GitLab, etc.).

Security Expertise
• SAST, SCA, and vulnerability management
• Secure Software Development Lifecycle (SSDLC)
• Dependency and open-source security scanning
• Cloud Security Posture Management

Nice to Have
• Experience with IaC security (Terraform, CloudFormation).
• Knowledge of threat modeling and penetration testing.
• Experience implementing DevSecOps programs.