Hybrid Application Security Architect - DevSecOps - Full Time at Isofttek Inc

We are seeking a highly skilled and experienced Application Security Architect with strong DevSecOps expertise to assess and modernize CI/CD pipelines, eliminate manual processes, and embed security controls into every phase of the Software Development Lifecycle (SDLC).

 Location: NJ/Charlotte – Day 1 Onsite
 Type: Full-time

Key Responsibilities:

• Assess architecture, controls, processes, and deployments of secure CI/CD pipelines.
• Review and enhance integration of security controls and automation in workflows.
• Collaborate with Development, Operations, and Security teams to ensure best practices and compliance.
• Evaluate and automate security checks, tool integrations, and lifecycle security.
• Develop strategies to modernize pipelines and remove manual processes.

Required Skills & Qualifications:

• Proven experience designing and securing DevOps pipelines.
• Strong knowledge of cloud technologies, automation tools, and security frameworks.
• Hands-on experience with CI/CD tools (Jenkins, GitLab CI, GitHub Actions, Azure DevOps).
• Expertise in Docker, Kubernetes, and Infrastructure-as-Code (Terraform, Ansible, CloudFormation).
• Proficiency in security tools (SAST, DAST, SCA, secrets management).
• Experience with AWS, Azure, or GCP security services.
• Strong understanding of Secure SDLC, OWASP Top 10, and remediation practices.
• Scripting skills (Python, Bash, PowerShell).
• Familiarity with compliance frameworks (NIST, ISO 27001, SOC 2).

Preferred Qualifications:

• Certifications: CISSP, CCSP, or equivalent.
• Cloud certifications (AWS, Azure, GCP) with Security/DevOps focus.

If this opportunity aligns with your expertise and career goals, please reply with your updated resume and availability for discussion.

Looking forward to connecting.