Associate DevSecOps Engineer - Mid-Atlantic region (Remote)

GuidePoint Security seeks a driven security professional to join our DevSecOps Practice in the Mid-Atlantic.

Note: This is a remote position, but candidates living in our Mid-Atlantic region (VA, MD, PA, NC, DE, NJ, or DC) are preferred.

Summary:

As an Associate DevSecOps Engineer you will work alongside experienced security professionals to deliver DevSecOps solutions to our diverse client base. You will help organizations implement security best practices throughout their software development lifecycle (SDLC), assist with vulnerability management programs, and support cloud security initiatives. This position offers excellent growth opportunities through exposure to various industries, technologies, and client environments.

Role and Responsibilities:

• Partner with clients to assess their current DevSecOps practices and help implement security improvements
• Support the implementation and configuration of security tools within clients' CI/CD pipelines
• Assist in conducting vulnerability scanning and implementing vulnerability management solutions across client environments
• Help clients scale and optimize vulnerability management programs
• Support the implementation of application security testing tools (SAST, DAST, SCA) in client environments
• Contribute to client documentation, including technical specifications and security recommendations
• Participate in client meetings and status updates
• Collaborate with cross-functional teams to deliver comprehensive security solutions
• Assist in creating and delivering client training materials and workshops
• Support senior consultants in complex client engagements

Experience, Education, and Technical Requirements:

• Education
  
  
  
  • Bachelor's degree in Computer Science, Cybersecurity, or related field (or equivalent experience)
  • 0-2 years of relevant experience in security consulting or software development
  
  
  
  

• Technical Requirements
  
  
  
  • Basic understanding of common programming languages and scripting
  • Familiarity with popular CI/CD platforms and tools
  • Working knowledge of major cloud platforms (AWS, Azure, or GCP)
  • Understanding of fundamental security concepts and OWASP Top 10
  • Basic knowledge of vulnerability management tools and processes
  • Familiarity with containerization and infrastructure as code concepts
  • Understanding of application security testing methodologies and tools
  
  
  
  

• Professional Skills
  
  
  
  • Strong written and verbal communication skills
  • Ability to work effectively in client-facing situations
  • Basic project management and organization skills
  • Eagerness to learn and adapt to new technologies and environments
  • Ability to work both independently and as part of a team
  • Strong problem-solving and analytical skills
  
  
  
  

• Preferred Skills
  
  
  
  • Experience with security automation and scripting
  • Knowledge of secure development practices
  • Basic understanding of cloud security tools (CNAPP, CSPM, CWPP, CIEM)
  • Familiarity with common compliance frameworks
  • Experience with security testing tools like Burp Suite
  • Consulting or client service experience
  • Security certifications (Security+, CEH, or similar)