Senior Devsecops Jobs (NOW HIRING)

We are seeking a seasoned Red Team Lead to spearhead offensive security operations and proactively identify vulnerabilities across our infrastructure and applications. This role will collaborate closely with our VP of Security & DevOps and interface with our SRE and DevOps teams to ensure robust security posture across all environments.

As the Senior DevSecOps Engineer you will work alongside developers to bake in security early and support our DevOps/Platform engineers in securing pipelines and infrastructure. You will partner with QA/Testing teams to build security test cases, advise product owners on risks and compliance needs and act as a bridge to InfoSec for vulnerability management and audits.

Key Responsibilities

Red Team: Form, Lead, and Execute Red Team engagements simulating real-world attack scenarios. Collaborate with SRE and DevOps teams to validate findings and recommend remediation strategies. Manage full attack lifecycle operations: reconnaissance, exploitation, persistence, lateral movement, and exfiltration.

Security by Design: Integrate security requirements and controls into architecture, design, and coding practices.

Code & Dependency Review: Automate and conduct reviews of code, libraries, and dependencies to identify vulnerabilities.

Threat Modeling & Risk Assessment: Collaborate with engineers to assess potential attack vectors and recommend mitigations.

Secure CI/CD Pipelines: Implement static (SAST), dynamic (DAST), and dependency scanning tools into CI/CD pipelines.

Cloud & Infrastructure Security: Work with DevOps to secure Kubernetes, containers, secrets management, and cloud environments (AWS/GCP/Azure).

Required Skills

• 5+ years' professional experience in a DevSecOps environment
• Strong background in application security (OWASP, NIST, MITRE ATT&CK)
• Proficiency in one or more programming languages (C#, Python, Java, or JavaScript)
• Experience with CI/CD and DevSecOps tooling (SonarQube, Snyk, Veracode, GitHub Actions, etc.)
• Familiarity with container security (Docker, Kubernetes, Istio)
• Cloud security expertise (IAM, secrets management, network segmentation)
• Knowledge of regulatory/compliance frameworks relevant to the organization
• Experience with penetration testing or red teaming, a plus!
• Certifications (e.g., CISSP, OSCP, CEH, CCSK), a plus!
• Familiarity with zero-trust architectures, a plus!
• Hands-on with Infrastructure as Code (Terraform, Helm, Pulumi), a plus!

COMPENSATION
This is a full-time, salaried, remote position. Compensation commensurate on experience. Participation in company benefit offerings include medical, dental, vision, unlimited paid leave, 401(k) matching, wellness, and more.

NEXT STEPS
If you meet the requirements, and are interested in applying for this role, please complete the online application, be sure to include a current resume and contact information. Eastern and Central Time Zones highly preferred. NO PHONE CALLS PLEASE.

ABOUT TEAM VELOCITY
Team Velocity is a full-service marketing agency serving the automotive industry, providing fully integrated marketing solutions to OEMs and dealerships nationwide. We are revolutionizing the automotive industry with cutting-edge technology to help dealers sell and service more cars. Made by dealers for dealers, Team Velocity’s proprietary technology platform Apollo® analyzes consumer behavior to predict who will buy, what they will buy, and when they are ready to service. Apollo automates the entire communication process by delivering hyper-personalized campaigns across every touchpoint, maximizing ROI, and lifetime revenue.

Our vision is to serve our clients with a single technology platform that empowers them to execute intelligent marketing across every online and offline channel. We aim to deliver a frictionless consumer experience, from the initial engagement to a final transaction.

Our team members are hard-working and driven to achieve success for our clients and our unique culture promotes creativity, camaraderie, and success.