DevSecOps Engineer

🕒 December 12, 2025

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Quzara LLC

WebsiteLinkedInAll Job Openings

11 - 50 employees

Founded 2015

🔒 Cybersecurity

📋 Compliance

Cybersecurity • Compliance • Cloud Security

Quzara LLC is a cybersecurity firm that specializes in compliance advisory, cloud security, and managed security operations. The company's services include Federal Security & Compliance, managed detection and response, cloud security configuration audits, and vulnerability management. Quzara's mission is to provide strategic and tactical trusted advisory services to clients in both the public and private sectors, focusing on ensuring security compliance and protection against cyber threats. Notably, Quzara's Cybertorch™ service is recognized for its rigorous approach to threat monitoring and incident response, catering to standards such as FedRAMP, DoD IL-4/IL-5, and CMMC.

📋 Description

• Manage the Detections as Code (DaC) lifecycle for threat detection logic using KQL or Sigma formats, implementing version control (Git) and automated deployment pipelines. • Harden and maintain Azure DevOps (ADO) pipelines, agents, and related CI/CD workflows for both software and detection releases in high-compliance environments. • Administer and secure the Azure Container Registry (ACR), ensuring containers are scanned, patched, and aligned to STIG compliance prior to production deployment. • Implement Shift Left security techniques by integrating SAST, DAST, and compliance scans directly into build pipelines to identify vulnerabilities early. • Partner with the Threat Intelligence and SOC teams to automate deployment of detection content, hunting queries, and analytics into Microsoft Sentinel and related tools. • Build and maintain secure CI/CD templates, YAML pipelines, and secrets management for infrastructure, detection logic, and application components. • Provide audit evidence and documentation to support FedRAMP, FISMA, and CMMC continuous monitoring efforts. • Stay current with container, cloud, and CI/CD security innovations and implement them in real-time across production systems.

🎯 Requirements

• Prior experience in a DevSecOps or Security Engineering role is required (Candidates must have both DevOps experience and security background) • 3–5+ years’ experience managing CI/CD pipelines within cloud-native environments (Azure DevOps strongly preferred). • Hands-on experience deploying and managing containerized workloads (Docker, Kubernetes) in a secure and scalable way. • Advanced knowledge of Azure DevOps, Azure Kubernetes Service (AKS), Azure Container Registry, and Microsoft Sentinel/KQL. • Demonstrated experience integrating security tooling into DevOps pipelines (SAST/DAST, policy-as-code, IaC validation, etc.). • Strong familiarity with compliance frameworks such as FedRAMP, CMMC, or FISMA, and their technical enforcement in the SDLC. • Preferred Certifications: Microsoft Certified: DevOps Engineer Expert (AZ-400), Microsoft Certified: Azure Security Engineer Associate (AZ-500), Additional certifications such as SC-200 (Security Operations Analyst) or Kubernetes Security Specialist (CKS) are a plus.

🏖️ Benefits

• Health insurance • Professional development opportunities