The DevSecOps Engineer will play a pivotal role in integrating robust security practices throughout the DevOps lifecycle, with a primary emphasis on identity and access management (IAM) using Microsoft Entra ID (formerly Azure AD).
\nThis role is responsible for designing and implementing secure automation pipelines, enforcing least-privilege and Zero Trust access controls, and managing enterprise identity governance to meet both organisational and regulatory compliance requirements.
\nIn addition to strong Entra ID expertise, the ideal candidate will bring hands-on experience with GCP pipeline deployment, infrastructure-as-code (IaC), and custom agent development to enhance cloud security observability, policy enforcement, and workload protection across cloud environments.
\nResponsibilities:
\nQualifications:
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_41857894-7ab","directApply":true,"hiringOrganization":{"@type":"Organization","name":"Ford Global Career Site Careers","sameAs":"https://careers.ford.com/","logo":"https://logos.yubhub.co/careers.ford.com.png"},"x-apply-url":"https://efds.fa.em5.oraclecloud.com/hcmUI/CandidateExperience/en/sites/CX_1/job/60841?utm_source=yubhub.co&utm_medium=jobs_feed&utm_campaign=apply","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":null,"x-skills-required":["Microsoft Entra ID","GCP pipeline deployment","Infrastructure-as-code (IaC)","Custom agent development","Cloud security observability","Policy enforcement","Workload protection","CI/CD pipelines","GitHub Actions","GCP Cloud Build","Code scanning","Dependency security","Secrets scanning","Conditional Access","Identity Protection","Privileged Identity Management (PIM)","Identity Governance","Adaptive MFA policies","Entra Agent ID","Entra Workload ID","Identity Governance lifecycle workflows","Zero-Trust deployments","Terraform","Ansible","ARM templates","Multi-cloud pipeline support","Azure","GCP","Cloud security controls","Least-privilege access","Zero Trust alignment","Secure code reviews","Threat modelling","Vulnerability assessments","Remediation guidance","Identity compliance","Audit readiness","IAM security posture","Azure Monitor","GCP Looker","Sentinel","BigQuery"],"x-skills-preferred":[],"datePosted":"2026-04-25T12:13:46.127Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Chennai"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Automotive","skills":"Microsoft Entra ID, GCP pipeline deployment, Infrastructure-as-code (IaC), Custom agent development, Cloud security observability, Policy enforcement, Workload protection, CI/CD pipelines, GitHub Actions, GCP Cloud Build, Code scanning, Dependency security, Secrets scanning, Conditional Access, Identity Protection, Privileged Identity Management (PIM), Identity Governance, Adaptive MFA policies, Entra Agent ID, Entra Workload ID, Identity Governance lifecycle workflows, Zero-Trust deployments, Terraform, Ansible, ARM templates, Multi-cloud pipeline support, Azure, GCP, Cloud security controls, Least-privilege access, Zero Trust alignment, Secure code reviews, Threat modelling, Vulnerability assessments, Remediation guidance, Identity compliance, Audit readiness, IAM security posture, Azure Monitor, GCP Looker, Sentinel, BigQuery"},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_9d30cfce-beb"},"title":"Security Engineer - Azure Government","description":"We are seeking a skilled Azure Security Engineer to design, implement, and maintain robust security controls across our Azure Gov Cloud environment. In this hands-on role, you will build, strengthen, and maintain our cloud security posture, protect critical workloads, and collaborate with engineering, DevOps, and compliance teams to embed security throughout the development lifecycle.
\nKey responsibilities include: Implementing, designing, and managing security architecture for Azure Government and Commercial deployments. Configuring and optimising Microsoft Defender for Cloud, Microsoft Sentinel, Microsoft Defender for Endpoint, and related services for threat detection, vulnerability management, and automated response. Designing and enforcing identity & access management using Microsoft Entra ID, Privileged Identity Management (PIM), Conditional Access policies, RBAC, and just-in-time access. Securing network architectures with Azure Firewall, Network Security Groups (NSGs), DDoS Protection, Web Application Firewall (WAF), Network Watcher, and private endpoints. Protecting data at rest and in transit via Azure Key Vault, encryption strategies, data classification, and information protection controls. Developing and maintaining security policies, initiatives, and blueprints using Azure Policy and Microsoft Purview for compliance (NIST, FedRAMP, CMMC, STIGs, etc.). Performing threat hunting, incident response, and forensics using Sentinel playbooks, Log Analytics, and KQL queries. Conducting security reviews of Infrastructure as Code (IaC), containers, Kubernetes (AKS), and serverless workloads. Collaborating with developers and architects to implement DevSecOps practices, including secure CI/CD pipelines, code scanning, and secure defaults. Monitoring and remediating security findings, reducing attack surface, and improving overall security posture per the Microsoft Cloud Security Benchmark (MCSB). Deploying configurations and compliance policies to Azure AVD endpoints using Intune and other Azure native services.
\nBasic qualifications include: Active U.S. security clearance (e.g., Secret, Top Secret) or eligibility to obtain one. 3+ years of experience in cloud security, cybersecurity engineering, or related roles (with strong Azure focus). Deep hands-on expertise with core Azure security services: Microsoft Defender suite, Sentinel, Intune, Entra ID, Key Vault, Azure Policy, Firewall, Network Watcher, and Purview. Strong understanding of DLP implementation both in cloud and on endpoints utilising Purview and other Microsoft native controls. Experience implementing security in hybrid/multi-cloud environments. Proficiency in scripting/automation (PowerShell, Azure CLI, Bicep/ARM templates, Terraform). Strong understanding of identity federation, zero-trust principles, encryption, network security, and vulnerability management. Familiarity with compliance frameworks (NIST, FedRAMP, CMMC, STIGs, etc.) and regulatory requirements. Excellent problem-solving, analytical, and communication skills. Strong verbal and written communication skills and the ability to stay composed under pressure.
\nPreferred skills and experience include: Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft Cybersecurity Architect (SC-100). Additional relevant certifications (e.g., CISSP, CCSP, Microsoft Certified: Azure Administrator, AWS Security Specialty, SANS GCPS, SANS GCAD). Deep experience with detection and response engineering and SOC operations. Knowledge of container security (Docker, AKS), secure DevOps, or AI/ML workload protection. Prior experience in government regulations frameworks such as FedRAMP and CMMC.
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_9d30cfce-beb","directApply":true,"hiringOrganization":{"@type":"Organization","name":"xAI","sameAs":"https://www.xai.com/","logo":"https://logos.yubhub.co/xai.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/xai/jobs/5050657007?utm_source=yubhub.co&utm_medium=jobs_feed&utm_campaign=apply","x-work-arrangement":"onsite","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$180,000 - $440,000 USD","x-skills-required":["Azure Security Engineer","Microsoft Defender for Cloud","Microsoft Sentinel","Microsoft Defender for Endpoint","Azure Key Vault","Azure Policy","Microsoft Purview","Identity & Access Management","Network Security","Data Loss Prevention","Compliance Frameworks","Cloud Security Posture Management","Threat Hunting","Incident Response","Forensics","Infrastructure as Code","Containers","Kubernetes","Serverless Workloads","DevSecOps","CI/CD Pipelines","Code Scanning","Secure Defaults","Microsoft Cloud Security Benchmark"],"x-skills-preferred":["Microsoft Certified: Azure Security Engineer Associate (AZ-500)","Microsoft Cybersecurity Architect (SC-100)","CISSP","CCSP","Microsoft Certified: Azure Administrator","AWS Security Specialty","SANS GCPS","SANS GCAD","Detection and Response Engineering","SOC Operations","Container Security","Secure DevOps","AI/ML Workload Protection","Government Regulations Frameworks"],"datePosted":"2026-04-24T17:05:13.646Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Palo Alto, CA; Washington, D.C."}},"employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Azure Security Engineer, Microsoft Defender for Cloud, Microsoft Sentinel, Microsoft Defender for Endpoint, Azure Key Vault, Azure Policy, Microsoft Purview, Identity & Access Management, Network Security, Data Loss Prevention, Compliance Frameworks, Cloud Security Posture Management, Threat Hunting, Incident Response, Forensics, Infrastructure as Code, Containers, Kubernetes, Serverless Workloads, DevSecOps, CI/CD Pipelines, Code Scanning, Secure Defaults, Microsoft Cloud Security Benchmark, Microsoft Certified: Azure Security Engineer Associate (AZ-500), Microsoft Cybersecurity Architect (SC-100), CISSP, CCSP, Microsoft Certified: Azure Administrator, AWS Security Specialty, SANS GCPS, SANS GCAD, Detection and Response Engineering, SOC Operations, Container Security, Secure DevOps, AI/ML Workload Protection, Government Regulations Frameworks","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":180000,"maxValue":440000,"unitText":"YEAR"}}},{"@context":"https://schema.org","@type":"JobPosting","identifier":{"@type":"PropertyValue","name":"YubHub","value":"job_46d6bdd3-23c"},"title":"Senior Backend Engineer (RoR), AST: Secret Detection","description":"As a Senior Backend Engineer on the Secret Detection team, you'll help protect sensitive data by building services, scanning workflows, and remediation paths that prevent leaked secrets from reaching production.
\nYour work will contribute to the full secret management lifecycle, from push protection to pipeline-based scanning, validation, and auditability, so developers can move quickly without taking on avoidable security risk.
\nThis is a strong opportunity if you want to work on security features with clear customer impact, improve detection quality, and help teams act when credentials, API keys, or other secrets are exposed.
\nYou'll focus on backend systems that power Secret Detection across GitLab's DevSecOps platform, working closely with product management and engineering peers in an async-first environment.
\nIn your first year, you'll contribute to core product capabilities, improve performance and result quality, and help shape technical direction through code reviews, RFCs, and proof of concepts.
\nSome examples of our projects:
\nResponsibilities
\nRequirements
\nAbout the Team
\nThe Secret Detection team owns GitLab's Secret Detection category, and we build the backend systems and related user workflows that help developers identify and mitigate exposed secrets as code is contributed.
\nWe work with the broader security product suite while maintaining focused investment in secret scanning quality, validation, remediation, and developer experience.
\nOur work spans Rails and Go services, and we work primarily asynchronously across time zones as a globally distributed team.
\nCurrent opportunities include expanding coverage across the secret management lifecycle and improving result quality across the findings our tools detect.
\nFor more on how we work, see the Team Handbook page.
\nBenefits
\nXML job scraping automation by YubHub
","url":"https://yubhub.co/jobs/job_46d6bdd3-23c","directApply":true,"hiringOrganization":{"@type":"Organization","name":"GitLab","sameAs":"https://about.gitlab.com/","logo":"https://logos.yubhub.co/about.gitlab.com.png"},"x-apply-url":"https://job-boards.greenhouse.io/gitlab/jobs/8432262002?utm_source=yubhub.co&utm_medium=jobs_feed&utm_campaign=apply","x-work-arrangement":"remote","x-experience-level":"senior","x-job-type":"full-time","x-salary-range":"$117,600-$252,000 USD","x-skills-required":["Ruby on Rails","GraphQL","Go","Backend development","Security","Secure coding practices","Code scanning","Secret detection"],"x-skills-preferred":[],"datePosted":"2026-04-18T15:50:50.538Z","jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Remote, Canada; Remote, Ireland; Remote, Israel; Remote, Netherlands; Remote, United Kingdom; Remote, US"}},"jobLocationType":"TELECOMMUTE","employmentType":"FULL_TIME","occupationalCategory":"Engineering","industry":"Technology","skills":"Ruby on Rails, GraphQL, Go, Backend development, Security, Secure coding practices, Code scanning, Secret detection","baseSalary":{"@type":"MonetaryAmount","currency":"USD","value":{"@type":"QuantitativeValue","minValue":117600,"maxValue":252000,"unitText":"YEAR"}}}]}