Dice is the leading career destination for tech experts at every stage of their careers. Our client, Kanshe Infotech, is seeking the following. Apply via Dice today!
Role: Application Security / DevSecOps Engineer (Python, AWS)
• *Location:**
Remote
• *Key Skills:**
AppSec | DevSecOps | Python | AWS | Security Scanning | Snyk | Wiz | SonarQube | Containers
• *Overview**
We are seeking a highly technical
• *Application Security / DevSecOps Engineer**
with deep experience securing modern cloud-native applications and containerized workloads. This role will focus on integrating security throughout the
• *software development lifecycle (SDLC)**
while working closely with engineering and DevOps teams to identify, remediate, and prevent vulnerabilities across
• *AWS environments**
.
The ideal consultant will be a
• *strong Python developer**
with hands-on expertise in
• *security scanning platforms such as Snyk, SonarQube, and Wiz**
, and will have experience securing
• *containerized workloads running in cloud environments**
.
• *Responsibilities**
Application Security & DevSecOps
• Embed security best practices into the CI/CD pipeline and software development lifecycle.
• Implement and manage application security scanning across code, dependencies, and containers.
• Perform SAST, SCA, and vulnerability analysis to identify and remediate security risks.
• Partner with engineering teams to prioritize and remediate vulnerabilities.
Security Scanning & Tooling
• Implement and manage security scanning tools including:
• Snyk (SCA & SAST)
• SonarQube
• Wiz
• Automate scanning and policy enforcement within CI/CD pipelines.
• Develop reporting dashboards and remediation workflows.
Cloud & Container Security
• Secure containerized workloads running on AWS.
• Implement security best practices for Kubernetes, Docker, and serverless workloads.
• Monitor cloud security posture and address vulnerabilities across infrastructure and applications.
Development & Automation
• Build and maintain security automation using Python.
• Create scripts and tooling to automate vulnerability remediation, scanning, and reporting.
• Integrate security checks into build pipelines and deployment workflows.
Collaboration
• Work closely with DevOps, platform engineering, and application development teams.
• Provide guidance on secure coding practices and threat mitigation strategies.
• Assist in defining security architecture for new cloud-native applications.
• *Required Skills**
Technical Skills
• Strong Python development experience.
• Application security experience in modern DevOps environments.
• Hands-on experience with Snyk (SCA & SAST).
• Experience with SonarQube and Wiz security platforms.
• AWS cloud security experience.
• Container security (Docker, Kubernetes).
• CI/CD security integration (GitHub Actions, Jenkins, GitLab, etc.).
Security Expertise
• SAST, SCA, and vulnerability management
• Secure Software Development Lifecycle (SSDLC)
• Dependency and open-source security scanning
• Cloud Security Posture Management
Nice to Have
• Experience with IaC security (Terraform, CloudFormation).
• Knowledge of threat modeling and penetration testing.
• Experience implementing DevSecOps programs.