DevSecOps Consultant

Role Expectations / Required Skills
This role requires strong hands‑on expertise across the DevSecOps application lifecycle, including:
End‑to‑End Application DevSecOps
Managing the complete DevSecOps pipeline from development to deployment
Integrating security practices across CI/CD
Ensuring automation, traceability, and compliance throughout the lifecycle
Application Code Management
Expertise in version control systems (e.g., Git, Azure Repos, GitHub)
Branching strategies, merge processes, and release management
Build, Deployment, and Scan Pipeline Setup & Support
Designing and maintaining CI/CD pipelines using tools like Azure DevOps, Jenkins, GitHub Actions, etc.
Implementing automated build, deployment, and security scan stages
Troubleshooting pipeline failures and ensuring high reliability
Code Quality, Review, and Governance Adherence
Performing code reviews to ensure coding standards and design best practices
Integrating tools like SonarQube, Checkmarx, or Fortify
Enforcing organizational governance and compliance policies
Security and Vulnerability Management
Running SAST, SCA, DAST, and container security scans
Prioritizing and remediating vulnerabilities with dev teams
Ensuring alignment with security frameworks and regulatory requirements