Senior DevSecOps Engineer in Charleston

Job DescriptionJob Description

Our Financial Crimes Technology division is seeking a high-caliber Senior DevSecOps Engineer to fortify our software delivery ecosystem. In this role, you will be the primary architect of a "Security-First" engineering culture, embedding rigorous automated defenses directly into our CI/CD machinery. You will bridge the gap between rapid development and stringent regulatory compliance, ensuring that every line of code is vetted, verified, and securely orchestrated before it reaches production.

Core Competencies (Non-Negotiable)

• Enterprise DevSecOps Mastery: At least 5 years of dedicated experience securing large-scale, high-stakes environments.
• OpenShift (OCP) Specialist: Deep technical fluency in OpenShift, specifically authoring Helm Charts and managing container orchestration at scale.
• CI/CD Power User: Expert-level command of GitHub Actions and Harness CD for sophisticated deployment patterns.

Key Responsibilities & Day-to-Day Impact

1. Automated Pipeline Engineering

• Architect and optimize delivery workflows using GitHub Actions, utilizing reusable/caller patterns and matrix strategies for diverse environments.
• Engineer deployment strategies in Harness CD, including Canary, Blue-Green, and Rolling updates, while integrating event-driven triggers (e.g., via Kafka).

2. "Shift-Left" Security & Vulnerability Governance

• Hard-Gate Integration: Embed SAST (Checkmarx), SCA (Black Duck/Snyk), and Code Quality (SonarQube) tools as mandatory PR checkpoints.
• Threat Remediation: Oversee the full vulnerability lifecycle, from Prisma Cloud image scanning to tracking and closing CVEs via ServiceNow AVR.
• Artifact Integrity: Implement GPG signing and secret management through HashiCorp Vault to ensure a tamper-proof supply chain.

3. Infrastructure & Container Orchestration

• Deploy and maintain resilient workloads on OpenShift (OCP) across geographically dispersed data centers (UAT, PROD, DR).
• Enforce security via RBAC, SCC (Security Context Constraints), and sophisticated Network Policies within OCP namespaces.

4. Observability & Troubleshooting

• Construct comprehensive monitoring stacks using Splunk, AppDynamics, Prometheus, and Grafana.
• Diagnose complex, multi-tier architectural issues spanning networking, databases (Oracle/SQL), and Java-based (Spring Boot) middleware.

Technical Requirements

• : Expert proficiency in Python, Bash, or PowerShell for robust automation.
• Environments: Solid experience with Java/Spring Boot and Gradle build systems.
• Version Control: Mastery of GitFlow, mandatory peer review workflows, and code coverage enforcement.
• Governance: Familiarity with JFrog Artifactory for registry proxying and Xray policy enforcement.

Professional Qualifications

• Education: Bachelor’s degree in Computer Science, Engineering, or a related technical field.
• Sector Expertise: Previous experience within Financial Services is mandatory; specific exposure to Financial Crimes (AML, Fraud, etc.) is a significant plus.
• Soft Skills: A collaborative mindset capable of partnering with AppSec and SOC teams to interpret OWASP attack patterns and improve system reliability.