Cayuse

Senior DevSecOps Engineer

Category: engineering
Salary: Not listed
Work type: remote
Job type: full-time
Industry: general

About the role

Responsibilities

Vulnerability Management and Remediation

  • Assist in the end-to-end vulnerability management lifecycle: discovery, triage, prioritization, remediation tracking, and reporting across applications, containers, and cloud infrastructure.
  • Administer and tune Snyk (SCA, container, and IaC scanning), SonarQube (SAST and code quality gates), and AWS Inspector (EC2, ECR, and Lambda vulnerability scanning) to maximize signal and reduce false positives.
  • Aggregate and normalize findings across scanners into a single prioritized backlog, using severity, exploitability, and asset criticality to drive risk-based remediation.
  • Partner with product engineering teams to remediate findings, providing concrete guidance and tracking SLAs to closure rather than just reporting on counts.
  • Establish and enforce policy-as-code and quality/security gates in CI so vulnerabilities are caught before merge and deployment.
  • Drive container and base-image hygiene across EKS workloads, including image scanning, patching cadence, and remediation of vulnerable dependencies.

Secure Pipelines and Automation

  • Design, build, and maintain secure CI/CD pipelines using Bitbucket Pipelines, integrating Snyk, SonarQube, and other security scanning natively into the build and deploy flow.