Overview:
We're looking for a passionate Senior DevSecOps Engineer with a talent for building quality software solutions. You will work in a fast-paced, agile environment and engage in technical discussions, participate in technical designs, demonstrate problem-solving abilities, and present and share ideas through global collaboration.
Responsibilities:
As a DevSecOps Engineer, you will:
* Design, build, and maintain secure CI/CD pipelines using Azure DevOps Pipelines and GitHub Actions, including YAML workflows, templates, reusable actions, stages, agents, and secret management.
* Implement and tune quality gates using tools such as SonarCloud, ensuring builds fail on policy violations and code quality thresholds are enforced.
* Integrate AI-assisted code review and productivity tools such as Bugbot-style reviewers and Copilot PR summaries to improve review efficiency and developer feedback.
* Strengthen shift-left security by implementing secret scanning, dependency review, and dependency management practices using tools such as GitHub Advanced Security and related controls.
* Enforce secure development practices that prevent secrets from being stored in code, pipelines, or artifacts.
* Establish and enforce traceability standards across branches, commits, pull requests, and releases, including Jira key linkage, CI validation, and release note synchronization.
* Support versioning and release automation, including branch-aware versioning, semantic-release or equivalent tooling, changelog generation, tag management, and hotfix promotion workflows.
* Build and support Windows desktop installer pipelines and packaging processes using WiX Toolset and InstallShield, including MSI authoring, upgrades, rollback, repair, and silent installation support.
* Provide hands-on support for TRIOS software projects by contributing code development as needed, in alignment with project priorities and team objectives.
* Maintain and improve DevSecOps governance through CODEOWNERS, branch protection, pull request policies, and clear operational documentation such as runbooks and workflow guides.
* Generate, store, and manage SBOMs for each build using tools such as CycloneDX, SPDX, create-spdx, Syft, or equivalent tooling to support compliance requirements.
* Define and track developer productivity and security metrics, including bot effectiveness, Sonar gate failure rates, time to merge, revision rounds, deployment frequency, lead time for changes, and change failure rate.
* Collaborate closely with software engineering, QA, product security, and operations teams to improve delivery speed, platform security, and engineering consistency.
* Document and continuously improve pipeline architecture, security controls, release workflows, and operational procedures.
* Mentor teammates on DevSecOps, automation, pipeline design, and secure engineering best practices.
As a Team Member, you will:
* Participate in all team meetings and ceremonies in direct collaboration with other sites, provide input and feedback, and take ownership of identified improvements.
* Actively participate in learning and sharing activities either during informal or formal training and demos.
* Demonstrate continuous technical improvement.
Qualifications:
Education:
* Bachelor's Degree in computer science or computer engineering preferred, or equivalent combination of education, training, and experience
Required:
* 7+ years of relevant experience building, designing, and implementing CI/CD pipelines for Windows and/or Linux-based software development projects.
* Proficient with scripting languages such as C#, Java, JavaScript, Python, bitbake, or Bash.
* Experience with WiX or InstallShield is needed.
* Strong understanding of cloud security best practices and IAM management.
* Strong communication and collaboration skills, with experience working in cross-functional teams.
* Proficient with build tools and pipelines such as GitHub Actions, Azure Pipelines, Artifactory, etc.
* Experience with logging, performance monitoring, and performance tuning tools.
* Experience with container runtimes and orchestration tools such as Docker or Kubernetes.
Desired:
* Knowledge of CI/CD pipelines and infrastructure as code.
* Experience with performance monitoring and analytics tools.
* Experience generating SBOM (Software Bill of Materials) through build pipelines.
* Familiarity with cloud service providers (AWS, Azure, Google Cloud) and their security measures.
* Ability to work collaboratively in a fast-paced environment.
* Familiarity with infrastructure as code.
* Familiarity with monitoring and logging tools such as Prometheus, Grafana, Loki, or Datadog.
* Understanding of embedded systems architecture and development.
* Familiarity with tools like Ansible and Terraform for automation and infrastructure management.
* Cloud and Security Certification is a plus.
Preferred:
* Experience working in an analytical instrumentation domain
* Networking and TCP/IP communication
* Interfacing with embedded devices