DevSecOps Security Engineer (Builder/ SME)

Chicago, Illinois, United StatesOnsiteContractPosted 2 months agoVisa sponsorship available

Is this role right for you?

Upload your resume and get a skill-by-skill breakdown — see exactly where you match, where you're close, and what to highlight. Not a mystery percentage.

Get a tailored resume highlighting what this role needs.

Role summary

We are seeking a skilled DevSecOps Security Engineer to lead the revitalization and expansion of our DevSecOps practice. This role focuses on building and maturing security capabilities within modern engineering teams, emphasizing a security-first approach. Key responsibilities include designing and implementing security frameworks in CI/CD pipelines, integrating security tools (SAST, SCA, DAST, secrets management, container security), and acting as the primary security resource for DevSecOps initiatives. The ideal candidate will have a proven track record of building DevSecOps programs and a deep understanding of secure software development lifecycles. This is an onsite role requiring relocation to Chicago if not local.

Must be local to Chicago or willing to relocate immediately

Overview

We are seeking a highly skilled DevSecOps Security Engineer to play a critical role in revitalizing and expanding the organization’s DevSecOps practice. This position will focus on building, maturing, and scaling security capabilities across modern engineering teams.

This is not a traditional DevOps role — the ideal candidate will bring a strong security-first mindset and hands-on experience designing and implementing DevSecOps frameworks, rather than just operating within them.

Key Responsibilities

DevSecOps Program Build & Maturity

Lead the rebuild and expansion of DevSecOps practices across the organization
Design and implement scalable security frameworks within CI/CD pipelines
Drive adoption of DevSecOps practices across all development teams
Partner with Modern Engineering teams to embed security into development workflows

Security Integration & Enablement

- Act as the
primary security resource
supporting DevSecOps initiatives
- Integrate security tools and controls such as:
- Static Application Security Testing (SAST)
- Software Composition Analysis (SCA)
- Dynamic Application Security Testing (DAST)
- Secrets management
- Container security
- Establish and enforce security best practices and quality gates

Collaboration & Leadership

Work closely with Modern Engineering leadership and DevSecOps teams
Contribute to defining RACI models and operating frameworks
Provide subject matter expertise and guidance on secure software development practices
Collaborate with security leadership and cross-functional teams

Required Qualifications

Strong background in Application Security / Cybersecurity (mandatory)
Proven experience building or maturing DevSecOps programs (not just operating them)
Hands-on experience integrating security into CI/CD pipelines
Experience with security tools such as:
Prisma Cloud (preferred)
Checkmarx or similar tools
SAST / DAST / SCA tools
Deep understanding of secure software development lifecycle (SSDLC)
Ability to act as a subject matter expert (SME) in DevSecOps

Preferred Qualifications

Experience working in large enterprise environments
Familiarity with cloud security and container security practices
Exposure to DevSecOps transformation or organizational scale initiatives
Financial services experience (nice-to-have, not required)

Ideal Candidate Profile

A “builder” mindset — someone who has created and scaled DevSecOps practices
Strong security-first perspective (not purely DevOps-focused)
Comfortable working in evolving environments with undefined processes
Able to influence and drive adoption across teams
Seen as a thought leader / SME in DevSecOps

Ready to apply?

You'll be redirected to RK Management Consultants, Inc.'s application page.