Application Security/ DevSecoOps Engineer

Description

The client is revamping their DevOps practice and building a future state 3-5 year roadmap. Within this roadmap they will be migrating from Azure ADO to GitHub for CI/CD. During this maturity program they are hiring a DevSecOps Engineer to ensure a security first mindset. This resource will be working under the Security Team assisting to build the framework and self service model for DevOps Engineers. This includes but is not limited to: - Champion Secure-by-Design and Defense-in-Depth principles throughout the software development lifecycle - Apply OWASP (e.g., Top 10, ASVS) and MITRE ATT&CK/CWE frameworks to evaluate and communicate threats and control gaps - Code Review - SAST and SCA Auditing - CNAPP Auditing - Integration of Scanning Tools into CI/CD Pipeline - Act as SME in various cross-functional team calls - Prioritization of backlog and sprint selection for security items The Application Security Engineer plays a crucial role in overseeing the security of development operations (DevSecOps) for the organization. Reporting directly to the Deputy CISO and with key relationships to the Development Operations and IT Operations teams, this role provides engineering, analytical and operational expertise across a range of AWS and Azure services and other cloud-based security solutions. Primary Responsibilities (Securing the Software Development Life Cycle) • Security oversight of the continuous delivery, continuous integration (CI/CD) pipeline • Combination of static and dynamic application security testing (SAST/DAST), to identify code bugs and application issues. • Software composition analysis (SCA) to track all open-source components in the developer’s code base. • Threat modelling to identify architectural design faults and potentially exposed targets of attack. • Evaluate and advise on service deployment into a microservices architecture (Kubernetes), and operational functions relative to security best practices and compliance requirements • Maintain security issue tracking and reporting using Azure DevOps (ADO) currently prior to moving to GitHub • Develop and maintain documentation of target state designs and security roadmaps.

Skills

Application security, Penetration test

Top Skills Details

Application security

Additional Skills & Qualifications

Prefer experience in: • Reading / reviewing .NET / C#, JavaScript / TypeScript • Azure or AWS Cloud • Azure DevOps or similar SCM / bug tracking • SAST / SCA technologies • CNAPP or other cloud posture tools (CSPM) • Manual security testing (pen testing) of web applications (burp suite) Tooling: • Which SAST/SCA tools are currently in use? Checkmarx (largely going through and auditing, not as much configuration) and while the Checkmarx tool is preferred, it’s not an absolute mandate. • What CNAPP or CSPM tools are in place (e.g., Wiz, Prisma Cloud, Orca)? Prisma • What AAS services are most heavily used in the platform? EKS, any Kubernetes experience is certainly a bonus

Experience Level

Expert Level

This is a Contract position based out of Chicago, IL.

The pay range for this position is $10.00 - $10.00/hr.

Eligibility requirements apply to some benefits and may depend on your job classification and length of employment. Benefits are subject to change and may be subject to specific elections, plan, or program terms. If eligible, the benefits available for this temporary role may include the following: • Medical, dental & vision • Critical Illness, Accident, and Hospital • 401(k) Retirement Plan – Pre-tax and Roth post-tax contributions available • Life Insurance (Voluntary Life & AD&D for the employee and dependents) • Short and long-term disability • Health Spending Account (HSA) • Transportation benefits • Employee Assistance Program • Time Off/Leave (PTO, Vacation or Sick Leave)

This is a hybrid position in Chicago,IL.

This position is anticipated to close on Apr 1, 2026.

We're partners in transformation. We help clients activate ideas and solutions to take advantage of a new world of opportunity. We are a team of 80,000 strong, working with over 6,000 clients, including 80% of the Fortune 500, across North America, Europe and Asia. As an industry leader in Full-Stack Technology Services, Talent Services, and real-world application, we work with progressive leaders to drive change. That's the power of true partnership. TEKsystems is an Allegis Group company.

The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

About TEKsystems and TEKsystems Global Services

We’re a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We’re a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We’re strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We’re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.