DevSecOps Security Developer

Cyber | Cyber & Strategic Risk
Same job available in 55 locations

Arlington, Virginia, United States

Atlanta, Georgia, United States

Baltimore, Maryland, United States

Bethesda, Maryland, United States

Boca Raton, Florida, United States

Boston, Massachusetts, United States

Bowie, Maryland, United States

Charleston, West Virginia, United States

Charlotte, North Carolina, United States

Chicago, Illinois, United States

Darien, Connecticut, United States

Detroit, Michigan, United States

Falls Church, Virginia, United States

Fort Meade, Maryland, United States

Frankfort, Kentucky, United States

Frederick, Maryland, United States

Grand Rapids, Michigan, United States

Hartford, Connecticut, United States

Jacksonville, Florida, United States

Jersey City, New Jersey, United States

Lake Mary, Florida, United States

Lansing, Michigan, United States

Lexington Park, Maryland, United States

Louisville, Kentucky, United States

McLean, Virginia, United States

Miami, Florida, United States

Midland, Michigan, United States

Morristown, New Jersey, United States

Morrisville, North Carolina, United States

New Carrollton, Maryland, United States

Newton, Massachusetts, United States

Norfolk, Virginia, United States

O'Fallon, Illinois, United States

Orlando, Florida, United States

Panama City, Florida, United States

Princeton, New Jersey, United States

Quantico, Virginia, United States

Radford, Virginia, United States

Raleigh, North Carolina, United States

Reston, Virginia, United States

Richmond, Virginia, United States

Rockville, Maryland, United States

Rosslyn, Virginia, United States

Seattle, Washington, United States

Silver Spring, Maryland, United States

Springfield, Illinois, United States

Stamford, Connecticut, United States

Suitland, Maryland, United States

Tacoma, Washington, United States

Tallahassee, Florida, United States

Tampa, Florida, United States

Washington, District of Columbia, United States

West Palm Beach, Florida, United States

Wilmington, Delaware, United States

Wilton, Connecticut, United States

Position Summary

Do you thrive on developing creative and innovative insights to solve complex challenges? Want to work on next-generation, cutting-edge products and services that deliver outstanding value and that are global in vision and scope? Work with other experts in your field? Work for a world-class organization that provides an exceptional career experience with an inclusive and collaborative culture?

Want to make an impact that matters? Consider Deloitte Global.

Work you'll do:

This opportunity requires advanced skills within the DevSecOps Security Developer platform that enable the individual to deliver a high level of service to meet the expectation from the business. This role will focus on architecting solutions while ensuring our instance stays aligned to our internal best practices. The primary focus will be on the DevSecOps Security Developer Security Operations.

In this interesting and diverse role, you'll work to lead solutions development within an established team across the DevSecOps Security Developer Platform depending on the business needs.

You'll use or develop skills in many areas including some of the latest DevSecOps Security Developer modules such as Security Operations, Automation and the platform.

As part of a broader DevSecOps Security Developer team, you will be able to work with many other DevSecOps Security Developer professionals across the globe to provide input on setting standards and path forwards to collectively deliver global solutions internally within Deloitte.

You will have the opportunity to interact with management and leaders in a global environment from multiple countries and varied business areas across our organization.

What you'll be part of - our Deloitte Global Culture:

At Deloitte, we expect results. Incredible-tangible-results. And Deloitte Global professionals play a unique role in delivering those results. We reach across disciplines and borders to serve our global organization. We are the engine of Deloitte. We develop and implement global strategies and provide programs and services that unite our network.

In Deloitte Global, everyone has opportunities. We see the importance of your perspective and your ability to create value. We want you to fit in-with an inclusive culture, focus on work-life fit and well-being, and a supportive, connected environment; but we also want you to stand out-with opportunities to have a strategic impact, innovate, and take the risks necessary to make your mark. Deloitte Technology works at the forefront of technology development and processes to support and protect Deloitte around the world. In this truly global environment, we operate not in "what is" but rather "what can be" to help Deloitte deliver and connect with its clients, its communities, and one another in ways not previously conceived.

Primary Responsibilities:

  • Design, develop and maintain DevSecOps Security Developer workflows and processes
  • Develop and configure DevSecOps Security Developer catalog item and workflows
  • Create and maintain DevSecOps Security Developer Business Rules, scripts, portal widgets
  • Develop custom Service portal pages/widgets to support the Business
  • Provide release and incident management support for the supported tools and services
  • Collaborate with development and QA team
  • Understand and practice DevSecOps Security Developer best practices to maintain system compliance
  • Automate security testing within a CI/CD pipeline leveraging DevSecOps
  • Lead the direction for the standup of the DevSecOps security tools
  • Provide guidance on secure coding and engineering best practices and principles
  • Secure development coach for dev work across all development teams

Required Qualifications:

  • Bachelor's Degree (BS) in Computer Science, Software Engineering, or a related field
  • Public Trust security clearance is required
  • Experience with the following tools: Prisma Cloud (TwistLock), Checkmarx IAST/SAST, SonarQube, Nexus Firewall
  • 2+ years of experience with software development focused on security architecture
  • Experience implementing access control (SAML, OAUTH2, or OpenID Connect)
  • Experience with data security and cryptography.
  • Experience with API Security
  • Knowledge of container hardening
  • Familiar with NIST 800-190 container security guidelines
  • Familiar with OpenShift PaaS
  • Experience implementing NIST 800-53 controls
  • Preferred Qualifications:
  • A high level of flexibility, creativity and dependability
  • Certified DevSecOps Security Developer Administrator preferred, Certified GRC preferred
  • Experience in rapid development and quick turnaround of training deliverables
  • Developed and used graphics, templates, and icons in instructional design work
  • Incorporated measurements and assessments into learning programs
  • Utilized effective project management techniques to organize training projects and to ensure quality
  • Experience with Web Technologies (XML, HTML, Angular, Bootstrap, JavaScript, Web Services) and working in a SaaS environment
  • Strong working knowledge of MS Office applications, including Word, Excel, and PowerPoint
  • Working knowledge of eLearning technologies, such as authoring tools (e.g. Articulate 360, Captivate) and design/development tools (e.g., SnagIt, Camtasia, ScreenFlow)
  • Experience with Learning Management Systems (LMS) and web conferencing applications (e.g. Zoom, WebEx)

Our people and culture

Our diverse, equitable, and inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ideas and perspectives, and bring more creativity and innovation to help solve our client most complex challenges. This makes Deloitte one of the most rewarding places to work. Learn more about our inclusive culture.

Professional development

From entry-level employees to senior leaders, we believe there’s always room to learn. We offer opportunities to build new skills, take on leadership opportunities and connect and grow through mentorship. From on-the-job learning experiences to formal development programs, our professionals have a variety of opportunities to continue to grow throughout their career.

As used in this posting, "Deloitte Advisory" means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. These entities are separate subsidiaries of Deloitte LLP.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or protected veteran status, or any other legally protected basis, in accordance with applicable law.

Requisition code: 118726


Caution against fraudulent job offers!

We have been informed of instances where jobseekers are led to believe of fictitious job opportunities with Deloitte US (“Deloitte”). In one or more such cases, false promises of actual or potential selection, or initiation or completion of the recruitment formalities appear to have been or are being made. Some jobseekers appear to have been asked to pay money to specified bank accounts of individuals or entities as a condition of their selection for a ‘job’ with Deloitte. These individuals or entities are in no way connected with Deloitte and do not represent or otherwise act on behalf of Deloitte.

We would like to clarify that:

  • At Deloitte, ethics and integrity are fundamental and not negotiable.
  • We are against corruption and neither offer bribes nor accept them, nor induce or permit any other party to make or receive bribes on our behalf.
  • We have not authorized any party or person to collect any money from jobseekers in any form whatsoever for promises of getting jobs in Deloitte.
  • We consider candidates on merit and that we provide an equal opportunity to eligible applicants.
  • No one other than designated Deloitte personnel (e.g., a Deloitte recruiter or Deloitte hiring partner) is permitted to extend any job offer from Deloitte.

Anyone who at any time has made or makes any payment to any party in exchange for promises of job or selection for a job with Deloitte or any matter related to this (including those for ‘registration’, ‘verification’ or ‘security deposit’) or otherwise engages with any such person who has made or makes fraudulent promises or offers, does so (or has done so) entirely at their own risk. Deloitte takes no responsibility or liability for any such unauthorized or fraudulent actions or engagements. We encourage jobseekers to exercise caution.