Talent.com
DevSecOps / Vulnerability Management Lead

Open Systems Technologies • Woodbridge Township, NJ, US
7 hours ago
Job type
  • Full-time
Job description

A financial firm is looking for a DevSecOps / Vulnerability Management Lead to join their team in Iselin, NJ.

Compensation : $150-170k

US Citizens / GC Holders Only - No visa sponsorship

Candidates must be local - No relocation

Keys for Role :

  • Needs to currently be working in a vulnerability management area
  • Strong DevSecOps experience
  • Python and finance experience
  • SAST / DAST / SCA knowledge
  • Strong documentation skills

Responsibilities :

  • Establish and manage a comprehensive vulnerability management program, including :
      • Integration of scanning tools across source code, dependencies, containers, and infrastructure.
      • Continuous discovery, prioritization, and tracking of vulnerabilities.
      • Coordinating with development and infrastructure teams for timely remediation.
      • Root cause analysis and reporting on trends and recurring issues.
  • Lead the design and implementation of secure, automated CI / CD pipelines.
  • Define and drive DevSecOps strategy in alignment with business goals and compliance standards.
  • Embed security controls and tooling (SAST, DAST, SCA, IaC scanning, etc.) into the software development lifecycle.
  • Collaborate closely with engineering, platform, and security teams to ensure scalable security architecture.
  • Automate security testing and compliance checks within CI / CD workflows.
  • Evaluate and implement security tools and platforms that support proactive risk management.
  • Drive secure configuration management and enforcement through IaC and policy-as-code.
  • Maintain awareness of emerging threats, vulnerabilities, and regulatory changes.
  • Support internal and external audits, ensuring alignment with compliance frameworks (e.g., ISO 27001, SOC 2, GDPR).
  • Provide technical mentoring and guidance on secure coding, cloud security, and DevSecOps best practices.

Qualifications :

  • 5+ years of hands-on experience in DevOps, Security Engineering, or DevSecOps.
  • Strong experience designing and managing vulnerability management workflows, ideally across multi-cloud and containerized environments.
  • Familiarity with vulnerability scanning tools and platforms (e.g., Snyk, Tenable, Qualys, Trivy, Clair, etc.).
  • Proficient in implementing CI / CD pipelines with tools such as GitLab CI, GitHub Actions, Jenkins, CircleCI.
  • Deep understanding of cloud platforms (AWS, Azure, or GCP) and cloud-native security controls.
  • Expertise in scripting (e.g., Python, Bash) and infrastructure-as-code (Terraform, Ansible).
  • In-depth knowledge of application and infrastructure security, secure SDLC, and DevSecOps tooling.
  • Strong knowledge of compliance and security frameworks : OWASP, NIST, CIS Benchmarks, ISO 27001.
  • Excellent communication skills and ability to work across technical and non-technical stakeholders.
  • Proven ability to lead cross-functional security initiatives and mentor engineers.