This is a remote position.
Job Summary:
*Deep technical knowledge* of the OWASP Top 10, Cloud Security Posture Management (CSPM), CVSS scoring, and software supply chain security.
*Lead DevSecOps Advocacy and Training:* Provide clear guidance to Engineering and Product teams to foster a culture of shared security responsibility.
*Embed Security into CI/CD Pipelines:* Partner with DevOps teams to integrate "shift-left" controls, quality gates, and automated security testing (SAST/SCA/IaC) into actions,
*Build DevSecOps Dashboards and Reporting:* Develop executive-level KPIs/KRIs covering vulnerability aging, MTTR (Mean Time to Remediate), pipeline pass/fail rates, and measurable risk reduction across the enterprise.
*Own software supply chain security (SCA):* Utilize JFrog Xray for policy enforcement, including vulnerable dependency detection, license governance, and automated blocking of malicious components within the artifact repository.
*Drive Static Analysis (SAST) and Code Quality:* Use SonarQube to partner with development teams, reducing critical/high findings and implementing sustainable coding standards that are integrated directly into the developer's IDE and pull request workflow.
*Conduct Dynamic Testing (DAST):* Coordinate testing using Burp Suite to validate exploitability and reproduce issues, while working to automate baseline DAST scans within the CI/CD pipeline.
*Lead the end-to-end vulnerability lifecycle:* discovery, triage, risk assessment, prioritization, remediation tracking, validation, and closure across Azure cloud environments.
*Operate and optimize Microsoft Defender for Cloud (Azure Defender) and Defender for Endpoint:* Improve cloud security posture, reduce misconfigurations, and drive remediation across compute, networking, storage, identity, and container workloads (AKS/OCR).
*Infrastructure-as-Code (IaC) security:* Defining and enforcing policies for Terraform, ARM templates, or Bicep.
Job Title:
Security Architect - Hybrid
Minimum Qualifications and Job Requirements:
5-7 years of application security and vulnerability management experience
*Certifications (one or more highly preferred):*