DevSecOps Engineer, Internal Security

About the position The DevSecOps Engineer will work within Accordion’s Internal Security Team and closely collaborate with software development groups to make sure security best practices are embedded throughout the product lifecycle. This role emphasizes policy creation, risk management, technical advising, code reviews, and the implementation of penetration test recommendations. The ideal candidate will possess deep technical expertise and be able to bridge the gap between security and development, particularly for teams who are new to working with DevSecOps teams. This position can be based in any of our US office locations and is a hybrid role. This position is not eligible for immigration sponsorship.

Responsibilities

• Collaborate with internal development teams to ensure deliverables meet enterprise security standards and best practices in our software development lifecycle
• Participate in code and architecture reviews, providing actionable recommendations and secure alternatives
• Advise on and help integrate secure solutions into application and infrastructure pipelines across Azure, AWS, Google Cloud Platform, and Oracle Cloud
• Work with the Security Engineer and Cloud Engineer to proactively identify, assess, and mitigate security risks in cloud environments and in any infrastructure as code
• Lead the implementation of recommendations from penetration tests and vulnerability assessments, working hands-on with development stakeholders
• Support the build-out of a robust DevSecOps program, partnering with Accordion’s CISO and Information Security Manager
• Serve as a subject matter expert to educate development teams with best practices regarding the SDLC
• Review CI/CD platforms (e.g., Jenkins, GitLab, AzureDataFactory, Databricks) and containers to ensure secure deployments
• Maintain awareness of emerging threats, security technologies, and compliance requirements relevant to Accordion’s business and clients
• Design and implement security policies, standards, and guidelines for development best practices tailored to Accordion’s and our client’s risk profile and industry frameworks (including GDPR, HIPAA, SOC, SOX, and PCI)
• Consistently support Security services firmwide as Accordion grows and scales

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience
• Proven experience as a DevSecOps Engineer or in a similar security engineering role, including significant enterprise and cloud security exposure
• Deep understanding of security principles, best practices, and regulatory frameworks (especially GDPR, with strong working knowledge of HIPAA, SOC, SOX, and PCI)
• Expertise with Azure and AWS cloud security; proficiency with Google Cloud Platform and Oracle Cloud are a plus
• Hands-on experience with programming/scripting (such as Python, Bash, PowerShell), plus experience using secure coding practices
• Familiarity with code review techniques, security assessment tools, penetration testing approaches, and vulnerability scanner platforms
• Direct experience with CI/CD pipelines and automation tools
• Fundamental knowledge of container security (e.g., Docker, Kubernetes) and IaC applications
• Excellent verbal and written communication skills to effectively advise technical and non-technical stakeholders
• Strong problem-solving abilities and interpersonal skills suited to a collaborative, team-driven environment

Nice-to-haves

• Security certifications (CISSP, CEH, OSCP, or similar)—strongly preferred but not mandatory; demonstration of practical expertise in both security and development/programming is most critical
• Prior exposure to consulting, training, or facilitating cross-functional security workshops is a plus
• Experience helping build security programs from the ground up, ideally in partnership with CISO or security leadership
• The candidate must be comfortable operating in a dynamic, growth-oriented environment with the willingness to take initiative and help shape the future of Accordion’s security posture
• Excited to be part of a growing team, with a focus on driving future growth
• Passionate about delivering exceptional client service
• Knowledgeable about the relationship between Private Equity sponsors and their portfolio companies, particularly within the office of the CFO
• Willing to get your hands dirty in the details of a project while simultaneously seeing the whole picture
• Comfortable managing projects with multiple complex workstreams while also focused on your single workstream (you are managing and doing)
• A self-starter with a strong work ethic
• Full of entrepreneurial spirit and comfortable in a fluid, flat organization
• Able to effectively communicate complex issues and solutions, and raise issues to senior team members when necessary
• A team player, able to work with team members across all levels
• Someone who enjoys mentoring others and doing meaningful work
• A leader of others; you lead by example

Apply tot his job Apply To this Job