Senior DevSecOps Engineer

Senior DevSecOps Engineer Raleigh, NC Apply Who We Are: Bandwidth, a prior u201cBest of ECu201d award winner, is a global software company that helps enterprises deliver exceptional experiences through voice, messaging, and emergency services. Reaching 65+ countries and over 90 percent of the global economy, we're the only provider offering an owned communications cloud that delivers advanced automation, AI integrations, global reach, and premium human support. Bandwidth is trusted for mission-critical communications by the Global 2000, hyperscalers, and SaaS builders At Bandwidth, your music matters when you are part of the BAND. We celebrate differences and encourage BANDmates to be their authentic selves. #jointheband What We Are Looking For: TheSeniorDevSecOpsEngineerdelivers advanced technical expertise to integrate security, automation, and observability across Bandwidthu2019s software development and infrastructure environments. This role focuses on executing secure-by-default practices and embedding protection, compliance, and telemetry into CI/CD and cloud operations, enabling faster, more resilient, and more secure delivery pipelines. Working closely with Security Operations (SecOps), Application Security (AppSec), Governance Risk and Compliance (GRC), Cloud, and Engineering teams, this engineer applies u201cshift-leftu201d principles to ensure security is built in at every stage of development and deployment. What You'll Do: Security tooling integration and automation + Implement, maintain, and optimize security tooling across build, test, and deploy stages (SAST, DAST, SCA, IaC scanning, supply-chain scanning, CSPM, CWPP, SIEM, SOAR, EDR/XDR). + Build and maintain automated security testing and compliance validation in CI/CD pipelines (GitHubActions,GitLabCI,Jenkins,ArgoCD,AzureDevOps). + Develop and support reusable automation frameworks and APIs for vulnerability data exchange, control testing, and alerting. + Use Infrastructure-as-Code (IaC) and Policy-as-Code (PaC) technologies (Terraform,CloudFormation,OPA,Conftest) to continuously enforce governance and compliance controls. + Collaborate with the Application Security team on code scanning, vulnerability triage, and secure codeu2011review automation. Observability, telemetry, and detection engineering + Integrate and maintain unified observability solutions, consolidating metrics, traces, and logs across OpenTelemetry,Prometheus,DataDog,AWSCloudWatch, andSumoLogic. + Develop and enforce security and performance observability standards for services and environments. + Collaborate with the SecOps team to link security telemetry with detection rules, correlation logic, and automated response systems. + Support metrics collection and dashboards to assess observability coverage and detection performance. Cloud and infrastructure security + Implement secure configurations and controls across AWS,Azure,andGCPenvironments using CSPM,CWPP,ZeroTrust, and workloadu2011protection tools. + Embed visibility and control baselines into multiu2011cloud and containerized environments. + Contribute to automation for compliance and configuration validation using CIS,NIST,andFedRAMPbenchmarks. + Partner with Cloud and Infrastructure teams to ensure cloud security posture meets enterprise standards. Metrics, reporting, and improvement + Collect and report DevSecOps metrics related to vulnerability reduction, automation coverage, observability, and compliance. + Identify opportunities to improve tool integrations, automation pipelines, and detection methods. + Research and pilot emerging technologies, including AI/MLu2011based threat detection, runtime protection, and automated remediation tools. AI Security + Support the implementation of Bandwidthu2019s AI Security Framework to uphold the security, privacy, and ethical use of AI systems. + Collaborate with Security and Product teams on threat modeling and validation for AI/ML systems, addressing model integrity, prompt injection, data leakage, and bias mitigation. + Contribute to internal automations for AI model testing, ensuring adherence to information security controls. Developer Enablement & Collaboration + Support Security Champion initiatives to promote secure coding awareness, tooling adoption, and security accountability across engineering teams. + Contribute to secure development training, internal workshops, and tool onboarding sessions. + Partner with Product and Development teams to design developeru2011friendly security integrations balancing usability and compliance. Other duties and responsibilities: + Serve as technical liaison between InfoSecOps, Engineering, and Cloud for monitoring, alert correlation, and automated playbooks. + Automate compliance controls and evidence collection for SOC2,ISO27001,HIPAA,andFedRAMP certifications. + Participate in incident response reviews and develop automation improvements after major events. What You Need: Education + Bacheloru2019s degree inComputer Science,Cybersecurity,Information Technology, or a related technical discipline. + Professional certifications such asCISSP,CISM,CCSP,AWSSecuritySpecialty,orKubernetesSecuritySpecialistpreferred. Experience + Minimum4yearsof combined experience inInformationSecurity,CloudSecurity, orDevSecOpsengineering. + Handsu2011on experience integrating security tooling, automation, and observability in enterprise CI/CD and cloud environments. + Demonstrated collaboration withSOC,AppSec,andSREteams to enhance detection, response, and overall security hygiene. Knowledge and skills + Proficient in secureSDLCmethodologies (OWASPSAMM,BSIMM)andMITREATT&CKframeworks. + Strong automation experience usingGitHubActions,GitLabCI,orJenkins. + Skilled in writing IaC to manage platforms and tools + Skilled in scripting(Python,Go,PowerShell)for security automation and system integration. + Familiarity with observability stacks (OpenTelemetry,Prometheus,Grafana,SumoLogic,DataDog). + Experience with multiu2011cloudsecurity,ZeroTrustprinciples, andidentityfederation(OAuth2,OIDC,SAML). + Excellent communication, documentation, and crossu2011team collaboration skills. Bonus Points: + Experience implementing AI/MLu2011based anomaly detection and predictive analytics. + Familiarity with datau2011privacy automation (GDPR,CCPA) and confidential computing. + Background in telecom,SaaS,or other highu2011availability architectures. + Participation in openu2011source DevSecOps or observability communities. + Experience with Redhat OpenShift, Kubernates, AWS The Whole Person Promise: At Bandwidth, weu2019re pretty proud of our corporate culture, which is rooted in our u201cWhole Person Promise.u201d We promise all employees that they can have meaningful work AND a full life, and we provide a work environment geared toward enriching your body, mind, and spirit. How do we do that? Wellu2026 + 100% company-paid Medical, Vision, & Dental coverage for you and your family with low deductibles and low out-of-pocket expenses. + All new hires receive four weeks of PTO. + PTO Embargo. When you take time off (of any kind) youu2019re embargoed from working. Bandmates and managers are not allowed to interrupt your PTO u2013 not even with email. + Additional PTO can be earned throughout the year through volunteer hours and Bandwidth challenges. + u201cMahalo momentsu201d program grants additional time off for lifeu2019s most important moments like graduations, buying a first home, getting married, wedding anniversaries (every five years), and the birth of a grandchild. + 90-Minute Workout Lunches and unlimited meetings with our very own nutritionist. Are you excited about the position and its responsibilities, but not sure if youu2019re 100% qualified? Do you feel you can work to help us crush the mission? If you answered u2018yesu2019 to both of these questions, we encourage you to apply You wonu2019t want to miss the opportunity to be a part of the BAND. Applicant Privacy Notice ( Create a Job Alert Interested in building your career at Bandwidth? Get future opportunities sent straight to your email. Create alert

Created: 2025-12-05