Senior Development Security Operations Engineer

• Implement and enforce policy-as-code frameworks, ensuring that security requirements are version-controlled, machine-readable, and automatically enforced across build, deployment, and runtime environments.

• Lead the implementation of code repository security controls (e.g., Bitbucket, GitHub, GitLab, Azure DevOps), including branch protections, access controls, commit integrity checks, and prevention of unauthorized or insecure code changes.

• Develop and maintain security guardrails for developer platforms, ensuring secure configurations for pipelines, repositories, and development environments.

• Integrate security controls into cloud-native environments, including container platforms (e.g., Kubernetes) and infrastructure-as-code provisioning tools such as Terraform, Azure Resource Manager (ARM), and AWS CloudFormation.

• Implement secrets management solutions, ensuring secure storage, rotation, and usage of credentials, Application Programming Interface (API) keys, and tokens across applications and pipelines.

• Automate enforcement of secure development standards by embedding security checks directly into engineering workflows and deployment processes.

• Partner with Application Security to translate requirements into technical controls and ensure consistent enforcement across all application environments.

• Design and implement controls to secure the software supply chain, including dependency management, Software Bill of Materials (SBOM) generation, and protection against malicious or vulnerable third-party components.

• Build and maintain monitoring, logging, and alerting capabilities for pipeline and application security events to enable rapid detection and response.

• Drive continuous improvement of DevSecOps capabilities, including automation, standardization, and performance optimization of security tooling.

• Provide technical leadership and mentorship to engineers on DevSecOps practices, automation, and secure platform engineering.

• Other duties as assigned.

• 7+ years of experience in DevSecOps, security engineering, or platform engineering, with strong hands-on experience implementing CI/CD and automation solutions.

• Strong hands-on experience with code repository platforms (e.g., GitHub, GitLab, Azure DevOps), including implementation of advanced security controls and governance.

• Deep experience with cloud-native technologies, including containers (Docker), orchestration platforms (Kubernetes), and infrastructure-as-code tools such as Terraform, Azure Resource Manager (ARM), and AWS CloudFormation.

• Strong understanding of software supply chain security risks and controls, including dependency management and Software Bill of Materials (SBOM) practices.

• Experience implementing policy-as-code frameworks using tools such as Azure Policy, AWS Config, Open Policy Agent (OPA), or similar technologies.

• Proficiency in scripting and automation (e.g., Python, PowerShell, Bash) and DevOps tooling (e.g., Jenkins, GitHub Actions, Azure Pipelines).

• Strong understanding of the Secure Development Lifecycle (SDLC) and the ability to operationalize controls within engineering environments.

• Ability to collaborate effectively with Application, Cybersecurity, and business teams to implement scalable security solutions.

• Strong written and oral communication skills, including the ability to present ideas and suggestions clearly and effectively.

• Ability to work with different functional groups and levels of employees to effectively and professionally achieve results.

• Strong organizational skills; ability to accomplish multiple tasks within the agreed upon timeframes through effective prioritization of duties and functions in a fast-paced environment.

• Approximately 5% travel may be required in support of the position's responsibilities.

American Tower also offers a comprehensive benefits package, which includes healthcare coverage, a 401(k) savings plan, paid time off, company holidays, sick leave, parental leave, and access to an Employee Assistance Program focused on mental and financial wellness, please click here (https://www.americantower.com/us/careers/benefits) to learn more.

American Tower is a global digital infrastructure company serving customers through tower sites and other real estate solutions that support connectivity and opportunity, focused on achieving our vision of Building a More Connected World. Our success is rooted in the potential of our people and the power of local teams at our offices and sites across 25 countries. We are one of the largest global Real Estate Investment Trusts (REITs) and a publicly traded (NYSE:AMT), Fortune 500 Company headquartered in Boston, Massachusetts. The next decade will be an exciting time as we evolve our infrastructure to meet tomorrow's needs and position our people to elevate their impact, their potential, and our shared success. Come grow your career with us!