Seminole Hard Rock Support Services

SHRSS (Seminole Hard Rock Support Services) is seeking a highly motivated and skilled DevSecOps Engineer. This role will be responsible for managing our application security scanning toolset, influencing strategy, building, and maintaining integrations with our CI/CD pipelines, and providing security guidance to our engineering community. You will take part in design and code reviews and offer direction to ensure that our organization is proactively managing risk. This individual will actively collaborate with stakeholders from Vulnerability Management, DevOps, Penetration Testing, and remediation to provide SME guidance and support.Our team is growing, and we are looking for somebody with a mindset to help our programs continue to evolve.Evaluate and analyze threats, vulnerabilities, impact, and risk of security issuesSupport SAST, SCA and DAST scanning technologiesLiaise with DevOps to build integrations between our scanners and the CI/CD pipelinesDrive our shift-left strategyProvide SME support and remediation guidance to our stakeholdersDevelop and design DevSecOps metrics, policies, processes, and proceduresConsult on DevSecOps requirements from diverse application/line of business partners3-5 years of experience in an application securityExperience performing secure code reviews, and web and mobile application security testingExperience with secure development, coding, and engineering practicesExperience with OWASP Top 10 and emerging attack vectorsExperience with SAST, DAST and SCA toolsExperience with CDN solutions such as Cloudflare and Akamai.Experience with infrastructure as code and infrastructure testing strategiesWorking knowledge of Windows, Unix/Linux, Mac OS X, Android, iOS, etc.Software development experience in one or more programming languages (e.g., Java, C#, JavaScript, Python, PowerShell, Bash, Groovy)Knowledge of scripting to support the automation and continuous improvement of processesThorough knowledge of networking technologies, OSI network layers, and TCP/IPKnowledge of DevSecOps pipeline, Agile methodology, container security, APIs, and microservicesExcellent communication and collaboration skillsPreferred:Bachelor’s degree or higher in information security, equivalent demonstrated work experience and industry standard certificationsPrior experience working on a DevSecOps roleInformation security certifications (e.g., OSCP, OSWA, GPEN, GWAPT, eCPPT, eWPT, CEH, CISSP, CSSLP)Cloud security experience in one or more of the following (Azure, AWS or GCP)Experience with CSPM tools (e.g. Wiz, Orca, Prisma Cloud)Experience in the Casino Gaming industry

Created: 2025-09-22