Senior Application & DevSecOps Engineer

The Senior Application & DevSecOps Engineer is responsible for ensuring that security is built into every line of code and every stage of the software development lifecycle (SDLC). This is a hands-on engineering role that requires a deep understanding of modern software architecture, microservices, and automated delivery pipelines.

You will act as the technical authority for Product Security, performing everything from manual code reviews and threat modeling to the integration of automated security gates. Your mission is to empower developers to ship high-quality, secure software without compromising velocity., * Design and implement the Secure SDLC framework, integrating security gates directly into DevOps pipelines.

• Deploy and manage SAST, DAST, and SCA tooling (e.g., Veracode, Checkmarx, SonarQube, Snyk) to automate vulnerability detection.
• Secure containerized environments (Docker/Kubernetes) and microservices architecture within the CI/CD flow.

Code Review & Security Testing

• Perform manual and automated code reviews across multiple languages, including Java, C#, Python, and Go.
• Execute API security testing and advanced vulnerability assessments using tools like Burp Suite Professional.
• Lead Threat Modeling sessions during the design phase to identify and mitigate architectural flaws before code is written.

Product Security & Architecture

• Define and promote secure design patterns and coding standards across the engineering organization.
• Partner with development teams to prioritize and remediate vulnerabilities based on business risk.
• Support incident response teams during application-level security events or data breach investigations.

• Security Tooling: Veracode, Checkmarx, SonarQube, Snyk, Burp Suite, or Mend.io.
• DevOps & CI/CD: GitHub Actions, GitLab CI, Jenkins, and Azure DevOps.
• Environments: Docker, Kubernetes (K8s), and Serverless architectures.
• Languages: Proficiency in reading/analyzing Java, C#, Python, or Go.
• Frameworks: Strong knowledge of OWASP Top 10 (Web, API, and Mobile)., * 6-8+ years in Application Security, DevSecOps, or Software Engineering with a focus on security.
• Technical Depth: Ability to explain complex vulnerabilities to developers and provide actionable remediation guidance.
• Automation Mindset: Experience treating "Security as Code" and automating security checks in high-velocity environments.
• Strategic Perspective: Proven track record of implementing threat modeling and secure design principles.
• Background: Often comes from a Software Development background with a transition into Cybersecurity.

• Competitive base
• Comprehensive benefits and wellness support
• Flexible work model: hybrid, remote, or in-office
• Real growth opportunities and leadership visibility
• Inclusive, respectful culture that blends U.S. innovation with Colombian heart
• A company that listens, invests in you, and celebrates wins together

At AspenView, we are passionate about transforming the way organizations approach technology. We specialize in creating high-performing, nearshore IT teams to help North American clients innovate faster and more efficiently. As we continue to grow, we're looking for exceptional people to join our team and help drive impactful change across industries. Why Join AspenView? At AspenView, we're more than a nearshore IT partner-we're a people-first, purpose-driven company that believes great culture drives great outcomes. We're passionate about connecting talent and technology to deliver measurable value for clients-and meaningful career paths for our people., AspenView is proud to be an equal opportunity employer. We believe in creating an environment where all employees feel welcome, valued, and empowered to succeed. We celebrate diversity and strive to build a culture of inclusion where all individuals, regardless of their race, color, gender, gender identity or expression, sexual orientation, disability, age, or any other characteristic, can thrive. We encourage applicants from all walks of life to join our team and make a lasting impact.