DevSecOps Engineer
Team Velocity Marketing, Virginia, MN, United States
Red Team Lead / DevSecOps Engineer
We are seeking a seasoned Red Team Lead to spearhead offensive security operations and proactively identify vulnerabilities across our infrastructure and applications. This role will collaborate closely with our VP of Security & DevOps and interface with our SRE and DevOps teams to ensure robust security posture across all environments.
As the DevSecOps Engineer you will work alongside developers to bake in security early and support our DevOps/Platform engineers in securing pipelines and infrastructure. You will partner with QA/Testing teams to build security test cases, advise product owners on risks and compliance needs and act as a bridge to InfoSec for vulnerability management and audits.
Key Responsibilities
Red Team: Form, lead, and execute engagements simulating real‑world attack scenarios, collaborate with SRE and DevOps teams to validate findings and recommend remediation, manage full attack lifecycle operations.
Security by Design: Integrate security requirements and controls into architecture, design, and coding practices.
Code & Dependency Review: Automate and conduct reviews of code, libraries and dependencies to identify vulnerabilities.
Threat Modeling & Risk Assessment: Collaborate with engineers to assess potential attack vectors and recommend mitigations.
Secure CI/CD Pipelines: Implement SAST, DAST, and dependency scanning tools into CI/CD pipelines.
Cloud & Infrastructure Security: Work with DevOps to secure Kubernetes, containers, secrets management, and cloud environments (AWS/GCP/Azure).
Required Skills
Strong background in application security (OWASP, NIST, MITRE ATT&CK)
Experience with CI/CD and DevSecOps tooling (SonarQube, Snyk, Veracode, GitHub Actions, etc.)
Familiarity with container security (Docker, Kubernetes, Istio)
Cloud security expertise (IAM, secrets management, network segmentation)
Knowledge of regulatory/compliance frameworks relevant to the organization
Experience with penetration testing or red teaming, a plus!
Familiarity with zero‑trust architectures, a plus!
Hands‑on with Infrastructure as Code (Terraform, Helm, Pulumi), a plus!
Compensation
This is a full‑time, salaried, remote position. Compensation commensurate with experience. Participation in company benefit offerings include medical, dental, vision, unlimited paid leave, 401(k) matching, wellness, and more.
Next Steps
If you meet the requirements and are interested in applying for this role, please complete the online application, include a current resume and contact information. Eastern and Central Time Zones highly preferred. NO PHONE CALLS PLEASE.
Company
Team Velocity is a full-service marketing agency serving the automotive industry, providing fully integrated marketing solutions to OEMs and dealerships nationwide. We leverage technology to deliver integrated marketing solutions.
#J-18808-Ljbffr
We are seeking a seasoned Red Team Lead to spearhead offensive security operations and proactively identify vulnerabilities across our infrastructure and applications. This role will collaborate closely with our VP of Security & DevOps and interface with our SRE and DevOps teams to ensure robust security posture across all environments.
As the DevSecOps Engineer you will work alongside developers to bake in security early and support our DevOps/Platform engineers in securing pipelines and infrastructure. You will partner with QA/Testing teams to build security test cases, advise product owners on risks and compliance needs and act as a bridge to InfoSec for vulnerability management and audits.
Key Responsibilities
Red Team: Form, lead, and execute engagements simulating real‑world attack scenarios, collaborate with SRE and DevOps teams to validate findings and recommend remediation, manage full attack lifecycle operations.
Security by Design: Integrate security requirements and controls into architecture, design, and coding practices.
Code & Dependency Review: Automate and conduct reviews of code, libraries and dependencies to identify vulnerabilities.
Threat Modeling & Risk Assessment: Collaborate with engineers to assess potential attack vectors and recommend mitigations.
Secure CI/CD Pipelines: Implement SAST, DAST, and dependency scanning tools into CI/CD pipelines.
Cloud & Infrastructure Security: Work with DevOps to secure Kubernetes, containers, secrets management, and cloud environments (AWS/GCP/Azure).
Required Skills
Strong background in application security (OWASP, NIST, MITRE ATT&CK)
Experience with CI/CD and DevSecOps tooling (SonarQube, Snyk, Veracode, GitHub Actions, etc.)
Familiarity with container security (Docker, Kubernetes, Istio)
Cloud security expertise (IAM, secrets management, network segmentation)
Knowledge of regulatory/compliance frameworks relevant to the organization
Experience with penetration testing or red teaming, a plus!
Familiarity with zero‑trust architectures, a plus!
Hands‑on with Infrastructure as Code (Terraform, Helm, Pulumi), a plus!
Compensation
This is a full‑time, salaried, remote position. Compensation commensurate with experience. Participation in company benefit offerings include medical, dental, vision, unlimited paid leave, 401(k) matching, wellness, and more.
Next Steps
If you meet the requirements and are interested in applying for this role, please complete the online application, include a current resume and contact information. Eastern and Central Time Zones highly preferred. NO PHONE CALLS PLEASE.
Company
Team Velocity is a full-service marketing agency serving the automotive industry, providing fully integrated marketing solutions to OEMs and dealerships nationwide. We leverage technology to deliver integrated marketing solutions.
#J-18808-Ljbffr