Companies CPI Security DevSecOps Engineer

About the role

CPI Security · Onsite

Position Summary: 

CPI is looking for a DevSecOps Engineer to join our application engineering team This is not a traditional DevOps role.  This role must recognize and imbed security across the entire application delivery lifecycle.  This teammate drives efficiency into the engineering team’s work, while embedding controls, automation, and threat-aware thinking into every pipeline, deployment, and platform. 

 

You'll work at the intersection of Salesforce delivery, cloud infrastructure, and application security, partnering with engineers and security teammates to ship faster and safer. 

 
Key Responsibilities: 

  • Manage release engineering, branching strategies, automated deployments, metadata diffing, sandbox seeding, and rollback playbooks (Salesforce/GearSet are currently core applications) 
  • Design and operate secure CI/CD pipelines and cloud-native services  (Salesforce, AWS, Snowflake) 
  • Work in conjunction with other IT teammates to identify and resolve technical pipeline issues and escalate items while retaining ownership 
  • Embed automated security gates (SAST, DAST, SCA, IaC scanning), container image scanning, and secrets detection directly into developer workflows 
  • Support and extend AI and Snyk code quality gates 
  • Architect and maintain AWS infrastructure IaC (Terraform), with security baselines enforced via policy-as-code 
  • Containerize workloads with Docker, orchestrate via ECS/EKS (or AKS), and harden images against CVEs and supply-chain attacks (SBOMs, signing, provenance) 
  • Partner with security team for pipeline incident response and infrastructure security events and postmortems 
  • Continuously evaluate tool alerts and reduce alert fatigue through tuning and automation 
  • Support and troubleshoot all pipeline & IaC tools to ensure engineering adoption 
  • Contribute to scrum ceremonies as a technical voice on delivery, release readiness, and risk 

 

Core Experience 

  • 10+ years of professional software development experience across one or more of: Java, .NET/C#Python, Node.js, or Apex 
  • 5+ years in a DevOps, SRE, or Platform Engineering role, with at least the last 2 years explicitly focused on DevSecOps practices 
  • Demonstrated history of owning production systems end-to-end (design, deployment, monitoring, and incident response) 
  • Independent problem solver able to investigate, identify, evaluate, and drive practical solutions 

Salesforce Delivery 

  • Hands-on experience for Salesforce CI/CD: pipeline configuration, automated testing, problem analysis, and unit test coverage enforcement (GearSet preferred) 
  • Strong understanding of Salesforce metadata, sandbox strategy, and Apex test automation 
  • Experience integrating Salesforce deployments with Git-based source-of-truth workflows 

Cloud & Infrastructure 

  • AWS at depth: IAM, VPC design, KMS, Secrets Manager, GuardDuty, Security Hub, CloudTrail, Config, WAF 
  • Docker and container orchestration (ECS, EKS, or Kubernetes) in production 
  • Infrastructure as Code: Terraform (preferred) with modular, reusable, policy-checked patterns. 
  • CI/CD platforms: GitHub Actions, GitLab CI, Jenkins, or CircleCI 

Security Tooling & Practices 

  • SAST/DAST/SCA tooling;  e.g. Snyk (preferrable)Checkmarx, SonarQube 
  • Container/image scanningSBOM generation, and policy-as-code 

Soft Skills 

  • Strong communication — you can explain a vulnerability to an executive and a regex to a junior engineer in the same afternoon 
  • Pragmatic risk thinker — you know when to block a deploy and when to file a ticket 
  • Collaborative; sensitive to "security as a department of no" 

Nice to Have 

  • Salesforce certifications (Platform Developer I/II) 
  • AWS certifications (Solutions Architect Professional, Security Specialty) 
Ready to apply to CPI Security?
Apply to CPI Security

Similar jobs

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get the worldwide-remote edge.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free