DevSecOps Security Engineer
SWBC, San Antonio, TX, United States
DevSecOps Security Engineer page is loaded## DevSecOps Security Engineerlocations:
San Antonio, TXtime type:
Full timeposted on:
Posted 2 Days Agojob requisition id:
R0014790SWBC is seeking a talented DevSecOps Security Engineer to leverage modern security practices and tools to enhance the security, integrity, and reliability of cloud and on-premise applications. This role partners with DevOps, engineering, and security teams to embed security across the software development lifecycle and ensure secure, compliant, and resilient application delivery.***Why you'll love this role:***You’ll have the opportunity to embed security at the core of modern cloud and DevOps environments, influencing how secure systems are designed, built, and released at scale. This role offers hands‐on ownership of cutting‐edge DevSecOps tooling while partnering closely with engineering teams in a highly regulated, security‐focused organization. If you enjoy automation, cloud security, and making a real impact across the SDLC, this role provides both challenge and growth.***Essential duties include the following:**** Design, implement, and maintain security controls within GitHub and Azure DevOps-based CI/CD pipelines.* Integrate security tools (SAST, SCA, DAST, container and secrets scanning) into pipelines.* Develop automation scripts for secure deployments, monitoring, and operational efficiency.* Secure AWS environments including services such as EC2, S3, Lambda, IAM, GuardDuty, Inspector, and CloudWatch.* Implement IAM, OIDC, secrets management, and KMS-based encryption controls.* Design and maintain Infrastructure-as-Code solutions using Terraform, CloudFormation, or AWS CDK.* Secure containerized environments using Docker and Kubernetes, including cluster hardening and policy enforcement.* Improve container security through image scanning, signing, and registry controls.* Implement logging, monitoring, alerting, and observability solutions for cloud workloads.* Monitor systems for threats, indicators of compromise, and compliance gaps.* Perform vulnerability management, tracking, and remediation.* Participate in incident response, investigation, and recovery activities.* Support audit and compliance requirements (PCI-DSS, SOC2, NIST) and coordinate with GRC teams.* Review code, infrastructure changes, and releases for security risks.* Collaborate with DevOps and engineering teams to enforce secure SDLC practices.* Provide technical guidance on security architecture and best practices.* Mentor team members and promote a culture of security, automation, and continuous improvement.* Develop and track security metrics, KPIs, and pipeline telemetry.***Serious candidates will possess the minimum qualifications:**** Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent practical experience.* Minimum five (5) years of experience in DevSecOps, Cloud Security, Security Engineering.* Hands-on experience with GitHub / GitHub Actions or similar CI/CD tools.* Strong expertise in AWS cloud services and security controls.* Experience with Infrastructure-as-Code tools (Terraform preferred).* Strong understanding of CI/CD pipeline design, automation, and security integration.* Experience with containers and orchestration (Docker, Kubernetes, ECS).* Knowledge of IAM, OIDC, secrets management, and key management (KMS).* Strong understanding of Git workflows, branching strategies, and pull request processes.* Knowledge of OWASP Top 10 and application security principles.* Proficiency in scripting languages such as Python, Bash, or Go.* Experience with security tools such as Mend, SonarQube, Prowler, Trivy, OWASP ZAP, or Burp Suite.* Experience with SIEM/SOAR platforms and security automation is a plus.* AWS Certified Developer – Associate is required at time of hire.* AWS Certified DevOps Engineer – Professional is required and must be obtained within 6 months of hire.* AWS Certified Security – Specialty is highly desired and must be obtained within 6 months of hire.* AWS Certified SysOps Administrator – Associate, or AWS Certified Solutions Architect – Associate are highly desired.* Security certifications (CISSP, CCSP, GIAC) are highly desired.* Experience in financial or regulated environments.* Exposure to offensive security practices, AI/ML security risks.***SWBC offers\*:**** Competitive overall compensation package* Work/Life balance* Employee engagement activities and recognition awards* Years of Service awards* Career enhancement and growth opportunities* Leadership Academy and Mentor Program* Continuing education and career certifications* Variety of healthcare coverage options* Traditional and Roth 401(k) retirement plans* Lucrative Wellness Program*\*Based upon employee eligibility*
***Additional Information:***
SWBC is a Substance-Free Workplace and requires pre-employment drug testing.
Please note, SWBC does not hire tobacco users as allowed by law.
To learn more about SWBC, visit our website at www.SWBC.com. If interested, please click the appropriate apply button.**Join Our Team**Great People. Great Company. Great Place to Work.SWBC is a diversified financial services company providing insurance, mortgage, and investment services to financial institutions, businesses, and individuals. Headquartered in San Antonio, Texas, SWBC employs 2,400 people nationwide.At SWBC, you are not just an employee number, but a vital team member; each employee stands out and has the ability to make a direct impact at SWBC. We’re looking for the brightest and most creative to help introduce new solutions to new problems identified in the market and improve how our existing solutions can better help our users.
SWBC is a big proponent of nurturing the entrepreneurial spirit through mentorship, continuing education, internal career growth opportunities and having a platform to make meaningful changes come to life.
#J-18808-Ljbffr
San Antonio, TXtime type:
Full timeposted on:
Posted 2 Days Agojob requisition id:
R0014790SWBC is seeking a talented DevSecOps Security Engineer to leverage modern security practices and tools to enhance the security, integrity, and reliability of cloud and on-premise applications. This role partners with DevOps, engineering, and security teams to embed security across the software development lifecycle and ensure secure, compliant, and resilient application delivery.***Why you'll love this role:***You’ll have the opportunity to embed security at the core of modern cloud and DevOps environments, influencing how secure systems are designed, built, and released at scale. This role offers hands‐on ownership of cutting‐edge DevSecOps tooling while partnering closely with engineering teams in a highly regulated, security‐focused organization. If you enjoy automation, cloud security, and making a real impact across the SDLC, this role provides both challenge and growth.***Essential duties include the following:**** Design, implement, and maintain security controls within GitHub and Azure DevOps-based CI/CD pipelines.* Integrate security tools (SAST, SCA, DAST, container and secrets scanning) into pipelines.* Develop automation scripts for secure deployments, monitoring, and operational efficiency.* Secure AWS environments including services such as EC2, S3, Lambda, IAM, GuardDuty, Inspector, and CloudWatch.* Implement IAM, OIDC, secrets management, and KMS-based encryption controls.* Design and maintain Infrastructure-as-Code solutions using Terraform, CloudFormation, or AWS CDK.* Secure containerized environments using Docker and Kubernetes, including cluster hardening and policy enforcement.* Improve container security through image scanning, signing, and registry controls.* Implement logging, monitoring, alerting, and observability solutions for cloud workloads.* Monitor systems for threats, indicators of compromise, and compliance gaps.* Perform vulnerability management, tracking, and remediation.* Participate in incident response, investigation, and recovery activities.* Support audit and compliance requirements (PCI-DSS, SOC2, NIST) and coordinate with GRC teams.* Review code, infrastructure changes, and releases for security risks.* Collaborate with DevOps and engineering teams to enforce secure SDLC practices.* Provide technical guidance on security architecture and best practices.* Mentor team members and promote a culture of security, automation, and continuous improvement.* Develop and track security metrics, KPIs, and pipeline telemetry.***Serious candidates will possess the minimum qualifications:**** Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent practical experience.* Minimum five (5) years of experience in DevSecOps, Cloud Security, Security Engineering.* Hands-on experience with GitHub / GitHub Actions or similar CI/CD tools.* Strong expertise in AWS cloud services and security controls.* Experience with Infrastructure-as-Code tools (Terraform preferred).* Strong understanding of CI/CD pipeline design, automation, and security integration.* Experience with containers and orchestration (Docker, Kubernetes, ECS).* Knowledge of IAM, OIDC, secrets management, and key management (KMS).* Strong understanding of Git workflows, branching strategies, and pull request processes.* Knowledge of OWASP Top 10 and application security principles.* Proficiency in scripting languages such as Python, Bash, or Go.* Experience with security tools such as Mend, SonarQube, Prowler, Trivy, OWASP ZAP, or Burp Suite.* Experience with SIEM/SOAR platforms and security automation is a plus.* AWS Certified Developer – Associate is required at time of hire.* AWS Certified DevOps Engineer – Professional is required and must be obtained within 6 months of hire.* AWS Certified Security – Specialty is highly desired and must be obtained within 6 months of hire.* AWS Certified SysOps Administrator – Associate, or AWS Certified Solutions Architect – Associate are highly desired.* Security certifications (CISSP, CCSP, GIAC) are highly desired.* Experience in financial or regulated environments.* Exposure to offensive security practices, AI/ML security risks.***SWBC offers\*:**** Competitive overall compensation package* Work/Life balance* Employee engagement activities and recognition awards* Years of Service awards* Career enhancement and growth opportunities* Leadership Academy and Mentor Program* Continuing education and career certifications* Variety of healthcare coverage options* Traditional and Roth 401(k) retirement plans* Lucrative Wellness Program*\*Based upon employee eligibility*
***Additional Information:***
SWBC is a Substance-Free Workplace and requires pre-employment drug testing.
Please note, SWBC does not hire tobacco users as allowed by law.
To learn more about SWBC, visit our website at www.SWBC.com. If interested, please click the appropriate apply button.**Join Our Team**Great People. Great Company. Great Place to Work.SWBC is a diversified financial services company providing insurance, mortgage, and investment services to financial institutions, businesses, and individuals. Headquartered in San Antonio, Texas, SWBC employs 2,400 people nationwide.At SWBC, you are not just an employee number, but a vital team member; each employee stands out and has the ability to make a direct impact at SWBC. We’re looking for the brightest and most creative to help introduce new solutions to new problems identified in the market and improve how our existing solutions can better help our users.
SWBC is a big proponent of nurturing the entrepreneurial spirit through mentorship, continuing education, internal career growth opportunities and having a platform to make meaningful changes come to life.
#J-18808-Ljbffr