Expert DevSecOps Engineer

Join a great place to work with MissionSquare, a financial services corporation with approximately $79 billion in assets under management and administration and over 600 employees. Founded in 1972, MissionSquare is dedicated to the retirement needs of public sector employees. We focus on delivering results-oriented retirement and retiree health savings plans, education, investment options, personalized guidance, and related services to public sector participants in more than 9,200 plans and nearly 2 million participant accounts. We strive to make the administration of retirement programs as easy and cost-effective as possible. We have an extraordinary talent base and invite you to consider joining MissionSquare.

$128,490.00 - $205,580.00

The DevSecOps Engineer is a highly technical role responsible for supporting, securing, managing, and deploying solutions aligned with business objectives. Candidates must have strong expertise in information security, infrastructure, software development, and operating systems, as well as an understanding of business strategy and operational needs in a fast-paced environment. This role integrates security into CI/CD pipelines, ensuring automation and compliance with security principles.

DevSecOps Engineers collaborate closely with developers, system engineers, cybersecurity teams, and administrators to deliver secure, reliable solutions. They demonstrate strong analytical skills, adaptability, and the ability to meet change requests quickly, while maintaining superior communication and teamwork. With a security-first mindset, DevSecOps Engineers continuously assess threats, manage enterprise risk, and support integration and deployment requirements across multidisciplinary teams

Essential Functions for this role include:

Build relationships with developers, stakeholders and scrum master’s to incorporate security principles into engineering design and deployments

Supervise testing and validation in application security controls across projects

Oversee implementation of defensive practices and countermeasures across infrastructure and applications

Uphold CI/CD security strategy and practices in tandem with other technical team leads

Serve as a point of contact for security-based escalations and remain tightly involved through resolution

Build services and tools to enable developers and engineers to easily use security components produced by application security team members

Simplify automation that applies security inter-workings with CI/CD pipelines.

Support the ability to “shift left” and incorporate security early on and throughout the development lifecycle

Identify vulnerabilities in code through automated and manual assessments and promote quick remediation

Proven experience with SAST, SCA, DAST, IaC scanning

Strong experience using Cloud security architecture (IAM, containers, baseline)

Understanding of threat modeling

Performs other duties as assigned

If you have the following skills, we encourage you to apply:

Bachelor’s degree (BA/BS) in Finance, Accounting, Business, or a related field, or equivalent professional experience

At least 7+ years’ experience in information technology, information security administration or security operations

Experience with agile workflows, including Scrum and Kanban.

Understanding of containers (e.g., Docker) and container orchestration (e.g., Docker Swarm, Kubernetes)

Understanding of CloudFormation, Terraform, Ansible and Jenkins

Proficient in securing Windows and *nix operating systems, endpoint applications, networking protocols and devices

Proven experience with operations and security across Amazon Web Services (AWS) and Microsoft Azure     

Proven experience with GitHub Actions

Hands on experience with WIZ

Hands on experience with application security testing (BURP)

Ability to obtain and maintain technical team and business support influences a collaborative effort to reduce the attack surface while performing rapid, continuous implementation

Capable of scripting in Python, Bash, Perl or PowerShell

Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC)

Preferred Certifications: CISSP, GIAC (GCSA, GWAPT), AWS (SSA)

 To benefit your career and support your wellbeing, we offer:

Competitive Total Rewards package, including base pay, incentive programs, benefits, and a 401(k) plan with matching contributions

Flexible and hybrid work schedules to support work-life balance

Tuition reimbursement to support continued education

Professional and career development opportunities, including courses and certifications

Comprehensive wellness programs promoting physical, mental, and emotional health

Volunteerism initiatives to encourage community engagement

Click here to learn more about MissionSquare’s benefits.

Equal Employment Opportunity

As a company, MissionSquare is an Equal Opportunity Employer. We strive to create an environment that reflects the value and diversity of our employees and fosters respect among them. We believe that talent from diverse backgrounds will further enhance our ability, and mission, to serve those who serve their communities.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, or any other protected classifications under any applicable law.

This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.