Afternoon Scrum Developer Jobs (NOW HIRING)

Position Summary: 

CPI is looking for a DevSecOps Engineerto join our application engineering team.  This is not a traditional DevOps role.  This role must recognize and imbed security across the entire application delivery lifecycle.  This teammate drives efficiency into the engineering team's work, while embedding controls, automation, and threat-aware thinking into every pipeline, deployment, and platform. 

You'll work at the intersection ofSalesforce delivery, cloud infrastructure, and application security, partnering with engineers and security teammates to ship fasterandsafer. 

 
Key Responsibilities: 

• Manage release engineering, branching strategies, automated deployments, metadata diffing, sandbox seeding, and rollback playbooks (Salesforce/GearSet are currently core applications) 

• Design and operate secure CI/CD pipelines and cloud-native services  (Salesforce, AWS, Snowflake) 

• Work in conjunction with other IT teammates to identify and resolve technical pipeline issues and escalate items while retaining ownership 

• Embed automated security gates(SAST, DAST, SCA, IaC scanning), container image scanning, and secrets detection directly into developer workflows 

• Support and extend AI and Snyk code quality gates 

• Architect and maintain AWS infrastructureIaC (Terraform), with security baselines enforced via policy-as-code 

• Containerize workloadswith Docker, orchestrate via ECS/EKS (or AKS), and harden images against CVEs and supply-chain attacks (SBOMs, signing, provenance) 

• Partner with security team for pipeline incident responseand infrastructure security events and postmortems 

• Continuously evaluatetool alerts and reduce alert fatigue through tuning and automation 

• Support and troubleshoot all pipeline & IaC tools to ensure engineering adoption 

• Contribute to scrum ceremonies as a technical voice on delivery, release readiness, and risk 

Core Experience 

• 10+ years of professional software development experienceacross one or more of: Java, .NET/C#, Python, Node.js, or Apex 

• 5+ years in a DevOps, SRE, or Platform Engineering role, with at least the last 2 years explicitly focused onDevSecOpspractices 

• Demonstrated history of owning production systems end-to-end (design, deployment, monitoring, and incident response) 

• Independent problem solver able to investigate, identify, evaluate, and drive practical solutions 

Salesforce Delivery 

• Hands-on experiencefor Salesforce CI/CD: pipeline configuration, automated testing, problem analysis, and unit test coverage enforcement (GearSet preferred) 

• Strong understanding of Salesforce metadata, sandbox strategy, and Apex test automation 

• Experience integrating Salesforce deployments with Git-based source-of-truth workflows 

Cloud & Infrastructure 

• AWSat depth: IAM, VPC design, KMS, Secrets Manager, GuardDuty, Security Hub, CloudTrail, Config, WAF 

• Dockerand container orchestration (ECS, EKS, or Kubernetes) in production 

• Infrastructure as Code: Terraform (preferred) with modular, reusable, policy-checked patterns. 

• CI/CD platforms: GitHub Actions, GitLab CI, Jenkins, or CircleCI 

Security Tooling & Practices 

• SAST/DAST/SCA tooling;  e.g. Snyk (preferrable), Checkmarx, SonarQube 

• Container/image scanning, SBOM generation, and policy-as-code 

Soft Skills 

• Strong communication - you can explain a vulnerability to an executive and a regex to a junior engineer in the same afternoon 

• Pragmatic risk thinker - you know when to block a deploy and when to file a ticket 

• Collaborative; sensitive to "security as a department ofno" 

Nice to Have 

• Salesforce certifications (Platform Developer I/II) 

• AWS certifications (Solutions Architect Professional, Security Specialty)