Security Engineer / Onsite / Phoenix
Motion Recruitment Partners LLC, Phoenix, AZ, United States
A growing enterprise organization located onsite is hiring a Security Engineer to focus on code scanning and secrets remediation within modern DevOps environments. This is a full-time opportunity centered around securing source code repositories and CI/CD pipelines through secret detection, credential rotation, and secure development practices. The environment includes Git-based workflows, CI/CD automation, cloud identity integrations, and scripting across Python, Bash, and PowerShell.
The #1 feature of this opportunity is ownership. This is not a passive scanning role — they need someone who can identify exposed credentials, assess blast radius, lead rotation and revocation efforts, and implement preventative controls that stop secrets from landing in code in the first place. They are looking for a hands‑on security engineer who enjoys partnering directly with development and DevOps teams to build repeatable processes, improve secure SDLC practices, and create long‑term operational impact. This role offers high visibility, real influence over engineering security posture, and the ability to shape how code security is operationalized across the organization.
Required Skills & Experience
4+ years of experience in Security Engineering, DevSecOps, or Application Security
Hands‑on experience with code scanning or static analysis tools
Experience with secrets management and credential rotation practices
Strong understanding of Git workflows and CI/CD pipelines
Ability to write automation scripts using Python, Bash, or PowerShell
Experience collaborating with development and infrastructure teams
Desired Skills & Experience
Experience with Datadog Code Security or similar platforms (GitHub Advanced Security, Snyk, SonarQube, Veracode)
Familiarity with Vault, KMS, Azure Key Vault, or other key management systems
Experience implementing preventative controls within CI/CD pipelines
Knowledge of secure SDLC and common application security vulnerabilities
What You Will Be Doing
Tech Breakdown
30% Code scanning & static analysis tools
25% CI/CD pipelines and Git workflows
20% Secrets management & credential rotation
15% Cloud identity & access integrations
10% Scripting & automation
Daily Responsibilities
50% Hands On remediation, triage, and credential rotation
10% Management Duties (process ownership, reporting, documentation)
40% Team Collaboration with DevOps, Engineering, and Security teams
#J-18808-Ljbffr
The #1 feature of this opportunity is ownership. This is not a passive scanning role — they need someone who can identify exposed credentials, assess blast radius, lead rotation and revocation efforts, and implement preventative controls that stop secrets from landing in code in the first place. They are looking for a hands‑on security engineer who enjoys partnering directly with development and DevOps teams to build repeatable processes, improve secure SDLC practices, and create long‑term operational impact. This role offers high visibility, real influence over engineering security posture, and the ability to shape how code security is operationalized across the organization.
Required Skills & Experience
4+ years of experience in Security Engineering, DevSecOps, or Application Security
Hands‑on experience with code scanning or static analysis tools
Experience with secrets management and credential rotation practices
Strong understanding of Git workflows and CI/CD pipelines
Ability to write automation scripts using Python, Bash, or PowerShell
Experience collaborating with development and infrastructure teams
Desired Skills & Experience
Experience with Datadog Code Security or similar platforms (GitHub Advanced Security, Snyk, SonarQube, Veracode)
Familiarity with Vault, KMS, Azure Key Vault, or other key management systems
Experience implementing preventative controls within CI/CD pipelines
Knowledge of secure SDLC and common application security vulnerabilities
What You Will Be Doing
Tech Breakdown
30% Code scanning & static analysis tools
25% CI/CD pipelines and Git workflows
20% Secrets management & credential rotation
15% Cloud identity & access integrations
10% Scripting & automation
Daily Responsibilities
50% Hands On remediation, triage, and credential rotation
10% Management Duties (process ownership, reporting, documentation)
40% Team Collaboration with DevOps, Engineering, and Security teams
#J-18808-Ljbffr