DevSecOps Engineer

About HireRight

HireRight is the premier global background screening and workforce solutions provider. We bring clarity and confidence to vetting and hiring decisions through integrated, tailored solutions, driving a higher standard of accuracy in everything we do. Combining in-house talent, personalized services, and proprietary technology, we ensure the best candidate experience possible. PBSA accredited and based in Nashville, TN, we offer expertise from our regional centers across 200 countries and territories in The Americas, Europe, Asia, and the Middle East. Our commitment to get it right every time, everywhere, makes us the trusted partner of businesses and organizations worldwide.

Overview

We’re seeking a hands-on DevSecOps Engineer who thrives at the intersection of automation, infrastructure, and security engineering. In this role, you’ll drive the integration of security into every stage of our development and deployment lifecycle—ensuring our cloud infrastructure and CI/CD pipelines are secure, scalable, and resilient. The ideal candidate has a strong foundation in both DevOps and security practices, and is passionate about building tools, processes, and partnerships that protect sensitive data and support secure, reliable service delivery across our global platforms.

Responsibilities

• Design, implement, and manage secure, scalable infrastructure using modern DevOps practices.
• Collaborate with development teams to integrate security into the CI/CD pipeline.
• Perform security assessments and vulnerability scans to identify and mitigate risks.
• Monitor systems and applications for security breaches and respond promptly.
• Provide guidance and training on secure coding practices and DevOps methodologies.
• Develop and maintain automation scripts and tools to enhance security and efficiency.
• Ensure compliance with industry standards and regulations, such as GDPR and ISO 27001.
• Participate in incident response and post-mortem analysis to improve security posture.
• Collaborate with cross-functional teams to drive security initiatives and continuous improvements.
• Cloud infrastructure scanning for vulnerabilities and fix implementation.
• Knowledge on helm chart upgrade of security products with assessment POC.

Qualifications

• 5+ years of experience in DevSecOps, cloud security, or secure software delivery.
• Hands-on experience with cloud platforms such as AWS, Azure, or GCP.
• Proficiency with CI/CD systems (e.g., GitHub Actions, GitLab CI, Jenkins, Bitbucket pipelines, Gitops).
• Strong scripting skills in Python, Bash, or similar.
• Experience with container security (Docker, Kubernetes, image scanning, runtime hardening).
• Golden image creation and key rotation.
• Familiarity with IaC tools like Terraform, CloudFormation, or Pulumi.
• Working knowledge of AppSec tools (e.g., Snyk, Trivy, Checkov, Burp Suite, OWASP ZAP).
• Understanding of common cloud and application vulnerabilities (OWASP Top 10, CIS Benchmarks).

Preferred Qualifications

• Experience with secure software development lifecycle (SSDLC) practices.
• Knowledge of Zero Trust security principles and access controls.
• Exposure to regulatory frameworks such as SOC 2, NIST, ISO 27001, or SOX.

What do we offer

Please submit resume/CV in English.

All resumes are held in confidence. Only candidates whose profiles closely match requirements will be contacted during this search.HireRight does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of HireRight and HireRight will not be obligated to pay a placement fee.