Job Title: Cyber Security Architecture I - But it's a DevOps role
MUST HAVES:
- Git experience
- CI/CD and DevOps knowledge
- SonarQube familiarity
- Background in vulnerability remediation
Position Overview: This is a net new role designed to support the organization's initiative to "shift left" in cybersecurity, embedding security earlier in the development lifecycle. The position is part of a 9-person Cybersecurity team based in Pittsburgh, supporting over 200 applications across multiple platforms, with a strong emphasis on regulatory compliance.
Key Technical Requirements:
- Version Control & Collaboration:
  - Proficiency with Git repositories and GitLab
  - Experience in setting up and managing Git projects (3-5 years preferred)
- DevOps & CI/CD Toolchain:
  - Strong understanding of CI/CD processes
  - Practical experience integrating security into DevOps pipelines
- Code Quality & Vulnerability Tools:
  - SonarQube (REQUIRED) - must be able to manage and interpret results
  - Familiarity with vulnerability scanning tools:
    - Fortify
    - WebInspect
    - AppScan
  - Experience with vulnerability remediation processes
- Bonus Tools/Skills:
  - Knowledge of Defend Bot (nice to have)
Ideal Candidate Profile:
- Experience:
  - 3-5 years working in security-related roles within the SDLC
  - Hands-on experience with code quality management and secure development practices
- Soft Skills:
  - Excellent communication and teaching ability
  - Capable of training application teams on secure coding practices and tools usage
  - Comfortable leading discussions with developers and stakeholders on remediation strategies
- Industry Fit:
  - Background in regulated industries (e.g., finance, healthcare, government)
  - Familiarity with large, complex application environments
  - Open to career contractors with strong niche expertise
Team & Collaboration:
- Supports 200+ applications across multiple platforms
- Regular weekly meetings with application teams for support and remediation guidance
- Role requires collaboration across cross-functional teams to maintain compliance and improve security posture