DevSecOps Security Engineer

Location: San Antonio, TX

Time Type: Full time

Job Description

SWBC is seeking a talented DevSecOps Security Engineer to leverage modern security practices and tools to enhance the security, integrity, and reliability of cloud and on-premise applications. This role partners with DevOps, engineering, and security teams to embed security across the software development lifecycle and ensure secure, compliant, and resilient application delivery.

Why you'll love this role:

Essential duties include the following:

• Design, implement, and maintain security controls within GitHub and Azure DevOps-based CI/CD pipelines.
• Integrate security tools (SAST, SCA, DAST, container and secrets scanning) into pipelines.
• Develop automation scripts for secure deployments, monitoring, and operational efficiency.
• Secure AWS environments including services such as EC2, S3, Lambda, IAM, GuardDuty, Inspector, and CloudWatch.
• Implement IAM, OIDC, secrets management, and KMS-based encryption controls.
• Design and maintain Infrastructure-as-Code solutions using Terraform, CloudFormation, or AWS CDK.
• Secure containerized environments using Docker and Kubernetes, including cluster hardening and policy enforcement.
• Improve container security through image scanning, signing, and registry controls.
• Implement logging, monitoring, alerting, and observability solutions for cloud workloads.
• Monitor systems for threats, indicators of compromise, and compliance gaps.
• Perform vulnerability management, tracking, and remediation.
• Participate in incident response, investigation, and recovery activities.
• Support audit and compliance requirements (PCI-DSS, SOC2, NIST) and coordinate with GRC teams.
• Review code, infrastructure changes, and releases for security risks.
• Collaborate with DevOps and engineering teams to enforce secure SDLC practices.
• Provide technical guidance on security architecture and best practices.
• Mentor team members and promote a culture of security, automation, and continuous improvement.
• Develop and track security metrics, KPIs, and pipeline telemetry.

Serious candidates will possess the minimum qualifications:

• Bachelor’s degree in Computer Science, Information Security, or related field, or equivalent practical experience.
• Minimum five (5) years of experience in DevSecOps, Cloud Security, Security Engineering.
• Hands-on experience with GitHub / GitHub Actions or similar CI/CD tools.
• Strong expertise in AWS cloud services and security controls.
• Experience with Infrastructure-as-Code tools (Terraform preferred).
• Strong understanding of CI/CD pipeline design, automation, and security integration.
• Experience with containers and orchestration (Docker, Kubernetes, ECS).
• Knowledge of IAM, OIDC, secrets management, and key management (KMS).
• Strong understanding of Git workflows, branching strategies, and pull request processes.
• Knowledge of OWASP Top 10 and application security principles.
• Proficiency in scripting languages such as Python, Bash, or Go.
• Experience with security tools such as Mend, SonarQube, Prowler, Trivy, OWASP ZAP, or Burp Suite.
• Experience with SIEM/SOAR platforms and security automation is a plus.
• AWS Certified Developer – Associate is required at time of hire.
• AWS Certified DevOps Engineer – Professional is required and must be obtained within 6 months of hire.
• AWS Certified Security – Specialty is highly desired and must be obtained within 6 months of hire.
• AWS Certified SysOps Administrator – Associate, or AWS Certified Solutions Architect – Associate are highly desired.
• Security certifications (CISSP, CCSP, GIAC) are highly desired.
• Experience in financial or regulated environments.
• Exposure to offensive security practices, AI/ML security risks.

SWBC offers*:  

• Competitive overall compensation package
• Work/Life balance 
• Employee engagement activities and recognition awards 
• Years of Service awards
• Career enhancement and growth opportunities 
• Leadership Academy and Mentor Program
• Continuing education and career certifications 
• Variety of healthcare coverage options
• Traditional and Roth 401(k) retirement plans 
• Lucrative Wellness Program

*Based upon employee eligibility 

Additional Information:

SWBC is a Substance-Free Workplace and requires pre-employment drug testing.

Please note, SWBC does not hire tobacco users as allowed by law.

To learn more about SWBC, visit our website at www.SWBC.com. If interested, please click the appropriate apply button.