Application Security / DevSecOps Engineer

Dice is the leading career destination for tech experts at every stage of their careers. Our client, Kanshe Infotech, is seeking the following. Apply via Dice today!

Role: Application Security / DevSecOps Engineer (Python, AWS)
• *Location:**

Remote
• *Key Skills:**

AppSec | DevSecOps | Python | AWS | Security Scanning | Snyk | Wiz | SonarQube | Containers
• *Overview**

We are seeking a highly technical
• *Application Security / DevSecOps Engineer**

with deep experience securing modern cloud-native applications and containerized workloads. This role will focus on integrating security throughout the
• *software development lifecycle (SDLC)**

while working closely with engineering and DevOps teams to identify, remediate, and prevent vulnerabilities across
• *AWS environments**

.The ideal consultant will be a
• *strong Python developer**

with hands-on expertise in
• *security scanning platforms such as Snyk, SonarQube, and Wiz**

, and will have experience securing
• *containerized workloads running in cloud environments**

.
• *Responsibilities**

Application Security & DevSecOps
• Embed security best practices into the CI/CD pipeline and software development lifecycle.
• Implement and manage application security scanning across code, dependencies, and containers.
• Perform SAST, SCA, and vulnerability analysis to identify and remediate security risks.
• Partner with engineering teams to prioritize and remediate vulnerabilities.

Security Scanning & Tooling
• Implement and manage security scanning tools including:
• Snyk (SCA & SAST)
• SonarQube
• Wiz
• Automate scanning and policy enforcement within CI/CD pipelines.
• Develop reporting dashboards and remediation workflows.

Cloud & Container Security
• Secure containerized workloads running on AWS.
• Implement security best practices for Kubernetes, Docker, and serverless workloads.
• Monitor cloud security posture and address vulnerabilities across infrastructure and applications.

Development & Automation
• Build and maintain security automation using Python.
• Create scripts and tooling to automate vulnerability remediation, scanning, and reporting.
• Integrate security checks into build pipelines and deployment workflows.

Collaboration
• Work closely with DevOps, platform engineering, and application development teams.
• Provide guidance on secure coding practices and threat mitigation strategies.
• Assist in defining security architecture for new cloud-native applications.
• *Required Skills**

Technical Skills
• Strong Python development experience.
• Application security experience in modern DevOps environments.
• Hands-on experience with Snyk (SCA & SAST).
• Experience with SonarQube and Wiz security platforms.
• AWS cloud security experience.
• Container security (Docker, Kubernetes).
• CI/CD security integration (GitHub Actions, Jenkins, GitLab, etc.).

Security Expertise
• SAST, SCA, and vulnerability management
• Secure Software Development Lifecycle (SSDLC)
• Dependency and open-source security scanning
• Cloud Security Posture Management

Nice to Have
• Experience with IaC security (Terraform, CloudFormation).
• Knowledge of threat modeling and penetration testing.
• Experience implementing DevSecOps programs.