DevSecOps Engineer (CI/CD, Security Integration, Azure DevOps) POST NUMBER: 474288
We are seeking a hands-on DevSecOps Engineer to help modernize how security is embedded into the software development lifecycle. This role is focused on integrating security into CI/CD pipelines, improving engineering practices, and driving a “secure by design” approach across development teams.
You will work cross-functionally with platform, infrastructure, and engineering teams to strengthen security controls, improve processes, and ensure security is built into how software is developed and deployed, not added after the fact.
This is not an application development role, but it is highly technical and hands-on within pipelines, tooling, and automation.
What You’ll Do
DevSecOps & CI/CD Integration
- Design, implement, and enhance security controls within CI/CD pipelines (primarily Azure DevOps)
- Embed security scanning (e.g., DAST and related tooling) into build and release workflows
- Implement guardrails to prevent insecure code from progressing through the pipeline
- Partner with platform and infrastructure teams to improve pipeline architecture and security posture
Security Process & Practice Improvement
- Identify gaps in current development and deployment practices and drive improvements
- Help transition teams from traditional DevOps to a DevSecOps mindset
- Promote “secure by design” principles across engineering teams
- Support the adoption of consistent security standards and practices across environments
Automation & Scripting
- Develop scripts and automation (PowerShell, Python, or similar) to enforce security controls and reduce manual effort
- Build reusable tooling and templates to standardize secure development workflows
- Improve efficiency of vulnerability detection and remediation through automation
Collaboration & Enablement
- Work closely with engineering and platform teams to guide secure coding and deployment practices
- Advise developers on integrating security into their day-to-day workflows
- Support alignment with governance and compliance frameworks (e.g., NIST, ISO)
What We’re Looking For
Required
- 5 years of experience in DevOps, DevSecOps, or platform engineering roles
- Strong hands-on experience with CI/CD pipelines and repository management (Azure DevOps preferred)
- Experience integrating security tooling into pipelines (DAST, scanning tools, policy enforcement)
- Solid scripting skills (PowerShell, Python, or similar) for automation and pipeline enhancement
- Strong understanding of the software development lifecycle (SDLC) and secure development practices
Preferred
- Deep experience with Azure DevOps (ADO) environments
- Familiarity with security and compliance frameworks (e.g., NIST, ISO, SOC2)
- Experience working in cloud environments (Azure, AWS, or GCP)
- Exposure to containerized environments and Kubernetes security
- Familiarity with AI-assisted development tools (e.g., Copilot, Cursor, ClaudeCode)
Compensation
- Competitive base salary and/or hourly rate based on experience
- W2 benefits package available contracted employees
- Contract and contract-to-hire options may be available
Why This Role
This is an opportunity to shape how security is implemented across the entire development lifecycle, working directly with engineering teams to drive meaningful change. You’ll play a key role in building a modern DevSecOps environment where security is embedded into how software is built, not treated as an afterthought.
Vaco by Highspring values a diverse workplace and strongly encourages women, people of color, LGBTQ+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply.
EEO Notice
Vaco by Highspring is an Equal Opportunity Employer and does not discriminate against any employee or applicant for employment because of race (including but not limited to traits historically associated with race such as hair texture and hair style), color, sex (includes pregnancy or related conditions), religion or creed, national origin, citizenship, age, disability, status as a veteran, union membership, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, political affiliation, or any other protected characteristics as required by federal, state or local law.
Vaco by Highspring and its parents, affiliates, and subsidiaries are committed to the full inclusion of all qualified individuals. As part of this commitment, Vaco by Highspring and its parents, affiliates, and subsidiaries will ensure that persons with disabilities are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact HR@vaco.com .
Vaco by Highspring also wants all applicants to know their rights that workplace discrimination is illegal.
By submitting to this position, you agree that you will be giving Vaco by Highspring the exclusive right to present your as a candidate for the foregoing employment opportunity. You further agree that you have represented information about yourself accurately and have not affirmatively misrepresented your qualifications. You also agree to maintain as confidential, to the fullest extent permitted by law, any information you learn from Vaco by Highspring about the position and you will limit disclosure of information about the position only to the extent necessary to perform any obligations in furtherance of your application. In exchange, Vaco by Highspring agrees to exercise reasonable efforts to represent you through all solicitation, job screening and resume dispersal.
Privacy Notice
Vaco by Highspring and its parents, affiliates, and subsidiaries (“we,” “our,” or “Vaco by Highspring”) respects your privacy and are committed to providing transparent notice of our policies.
- California residents may access Vaco by Highspring HR Notice at Collection for California Applicants and Employees here.
- Virginia residents may access our state specific policies here.
- Residents of all other states may access our policies here.
- Canadian residents may access our policies in English here and in French here.
- Residents of countries governed by GDPR may access our policies here.
Pay Transparency Notice
Determining compensation for this role (and others) at Vaco by Highspring depends upon a wide array of factors including but not limited to:
- the individual’s skill sets, experience and training;
- licensure and certification requirements;
- office location and other geographic considerations;
- other business and organizational needs.
With that said, as required by local law, Vaco by Highspring believes that the following salary range referenced above reasonably estimates the base compensation for an individual hired into this position in geographies that require salary range disclosure. The individual may also be eligible for discretionary bonuses.