DevSecOps Engineer
TrueML · Lenexa, Kansas
Job Description
Company: TrueML
Location: Lenexa, Kansas
Work Model: Onsite
Contract: Permanent
Industry: Finance
About TrueML
TrueML is a mission-driven financial software company dedicated to creating better customer experiences for distressed borrowers. We leverage machine learning to deliver personalized, digital-first financial management solutions that adapt in real time to customer interactions. Our team comprises data scientists, financial services experts, and customer experience enthusiasts committed to building technology that serves individuals with unique needs and preferences, ensuring no one is excluded from the financial system.
About the Role
We are seeking a senior DevSecOps Engineer to lead the integration of security throughout the software development lifecycle (SDLC). This role sits at the intersection of engineering, cloud infrastructure, and application security, focusing on automation, scalability, and secure-by-default development practices. You will design and implement security-first CI/CD pipelines, embed automated security testing, and collaborate with engineering teams to ensure applications are built, deployed, and operated securely at scale.
Key Responsibilities
- Security Automation & CI/CD Integration:
  - Embed security controls and scanners (SAST, SCA, DAST, IaC, container security) into CI/CD pipelines (e.g., GitHub Actions, Jenkins, GitLab CI, Azure DevOps).
  - Design and maintain automated security workflows across the build, test, and deploy stages.
  - Implement security gates, policy enforcement, and compliance checks within pipelines.
- Cloud Security (AWS Focus):
  - Secure cloud-native architectures on AWS, including IAM, VPC, ECS/EKS, Lambda, S3, and API Gateway.
  - Own cloud security: define and maintain security policies for the AWS environment, with a focus on containerized workloads (EKS/ECS) and serverless architectures (Lambda).
  - Integrate and operationalize Cloud-Native Application Protection Platform (CNAPP) and Cloud Security Posture Management (CSPM) tooling.
  - Enforce least-privilege access, secrets management, and runtime protections.
  - Guard the infrastructure: secure Infrastructure as Code (IaC) templates (Terraform/CloudFormation) and manage cloud primitives such as IAM, KMS, and WAF to maintain a least-privilege environment.
  - Automate compliance: build real-time monitoring and automated remediation for AWS resources to maintain audit readiness for frameworks such as PCI DSS and ISO 27001.
- Threat Modeling:
  - Lead deep-dive threat modeling exercises on applications and designs, translating identified risks into actionable engineering plans.
- AI Security:
  - Develop security standards for generative AI, use AI-powered tools to explore the attack surface, and defend against AI-driven threats.
Requirements
- 7-10 years in software engineering, DevOps, or cloud engineering, with at least 3 years in a DevSecOps-focused role.
- Deep mastery of cloud security, vulnerability analysis, and incident response.
- Demonstrable expertise in the AWS ecosystem and strong hands-on experience with AWS cloud security.
- High proficiency in securing Infrastructure as Code (Terraform) and containerized environments (Docker, Kubernetes).
- Deep expertise in CI/CD pipelines (GitHub Actions, Jenkins), and proficiency in application security tooling and its integration into those pipelines.
- Strong scripting/programming skills (Python, JavaScript).
- Understanding of modern DevSecOps and shift-left security practices.
- Familiarity with OWASP, proficiency with modern security tooling, and the ability to secure complex API integrations and data protection layers.
- Top-tier industry certifications (e.g., CISSP, SANS GIAC, CASP) and a firm grasp of compliance frameworks such as PCI DSS and ISO 27001.
- Understanding of the evolving landscape of AI regulation and technical curiosity about how threat actors use AI.
- Natural collaborator across engineering, security, and DevOps teams, capable of translating complex InfoSec projects into simple, maintainable tasks for engineering teams.
- Excellent communication skills to propose strategic methodologies and convince stakeholders of the business value of security-first design.
What We Offer
- Flexible vacation
- Medical, dental, and vision insurance
- Traditional and Roth retirement savings options
- Company-paid disability and life insurance
- Flexible Spending Account & Limited FSA
- Family-friendly parental leave, volunteer, and voting time off
- On-demand wellness platform access
- PerkSpot discount program
Compensation
The base salary range for this role in the U.S. is $122,090 - $160,000 per year.
✨ This description was enhanced by AI based on the original listing.