SonicJobs Logo
Left arrow iconBack to search
  1. Home
  2. 84020, Draper, UT
  3. DevSecOps Engineer

DevSecOps Engineer

AMH
Posted 7 days ago, valid for 3 days
Location

Draper, UT 84020, US

Salary

Competitive

Contract type

Full Time

Paid Time Off
Tuition Reimbursement
Flexible Spending Account

By applying, a AMH account will be created for you. AMH's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Sonic Summary

info
  • AMH is seeking a DevSecOps Engineer responsible for integrating and enforcing security across the software development lifecycle within modern DevOps and cloud environments.
  • Candidates should have a minimum of five years of experience in IT Security and three years in DevOps Engineering.
  • The anticipated pay range for this position is commensurate with experience, with actual starting base pay depending on various factors.
  • Additional compensation includes eligibility for a discretionary annual bonus and a comprehensive benefits package, including medical, dental, and 401(k) matching.
  • The role requires strong communication and problem-solving skills, along with experience in security incident management and vulnerability remediation.

Since 2012, we've grown to become one of the leading single-family rental companies and homebuilders in the country, recently recognized as a top employer by Fortune and Great Place To Work®.  At AMH, our goal is to simplify the experience of leasing a home through professional management and maintenance support, so our residents can focus on what really matters to them, wherever they are in life. 

The DevSecOps Engineer is responsible for embedding, auditing, and enforcing security across the entire software development lifecycle within modern DevOps and cloud environments. This role focuses on integrating security controls into CI/CD pipelines, DevOps tooling, and software engineering workflows to support secure-by-design development and delivery. Partners closely with internal engineering teams to design, implement, and enforce security controls across cloud infrastructure, application platforms, and automation pipelines ensuring software can be built and deployed securely at scale. Aligns security requirements with development practices to improve visibility and threat detection and ensures consistent security standards across DevOps and software engineering tools. Contributes to foundational security operations which includes vulnerability management and assisting with incident response efforts.

Responsibilities:

  • Embeds and enforces security throughout the Software Development Life Cycle (SDLC) by integrating automated controls (e.g., SAST, DAST, SCA, secrets detection, and IaC scanning) into CI/CD pipelines, DevOps tooling, and cloud-native workflows. Partners with development and platform teams to identify and remediate security vulnerabilities early in the development process while maintaining development speed and minimizing release delays.
  • Collaborates with engineering teams to design, implement, and maintain scalable security controls across cloud infrastructure and application environments, to ensure consistent enforcement of company standards and compliance requirements. Drives comprehensive visibility and threat detection through centralized logging, monitoring, and alerting integrations to enable proactive identification of misconfigurations, anomalous behavior, and emerging threats across the production landscape.
  • Develops and continually improves processes supporting the IT Security Framework to include vulnerability management, risk management, and remediation tracking. Conducts regular vulnerability scans across on-premises and cloud environments while prioritizing risks based on severity, exploitability, and business impact. Coordinates remediation with internal teams and external vendors to ensure timely closure and measurable risk reduction.
  • Serves as a primary responder for security incidents by triaging alerts, containing threats, performing root cause analysis, and producing detailed incident reports documenting findings, response actions, and lessons learned. Identifies and investigates actual or suspected security violations, conducts thorough follow-up analysis and provides recommendations to prevent recurrence and strengthen the company’s overall security posture.

Requirements:

  • High school diploma or GED required
  • Bachelor’s degree in Computer Science, Information Technology, Information Security, and/or a related field or an equivalent combination of education and experience preferred
  • Minimum five (5) years of experience in IT Security
  • Minimum three (3) years of experience in DevOps Engineering
  • Experience with Github and Azure DevOps preferred
  • Experience with Kubernetes and Docker preferred
  • Experience with Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) tools
  • Experience in Security incident management and reporting
  • Experience with vulnerability management and remediation
  • CISSP, SecurityX (CASP+), or GCIH preferred
  • Excellent verbal and written communication, planning, analysis and organizing skills
  • Strong troubleshooting and problem-solving skills

Compensation

The anticipated pay range/scale for this position is commensurate with experience. Actual starting base pay within this range will depend on factors including geographic location, education, training, skills, and relevant experience.

Additional Compensation

This position is eligible to receive a discretionary annual bonus.

Perks and Benefits

Employees have the opportunity to participate in medical, dental and vision insurance; flexible spending accounts and/or health savings accounts; dependent savings accounts; 401(k) with company matching contributions; employee stock purchase plan; and a tuition reimbursement program. The Company provides 9 paid holidays per year, and, upon hire, new employees will accrue paid time off (PTO) at a rate of 0.0577 hours of PTO per hour worked, up to a maximum of 120 hours per year.

CA Privacy Notice: To learn more about what information we collect when you apply for a job, and how we use that information, please see our CA Job Applicant Privacy Notice found at https://www.amh.com/ca-privacy-notice.

#LI-PH1


Learn more about this Employer on their Career Site

Apply now in a few quick clicks

By applying, a AMH account will be created for you. AMH's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Logo
SonicJobs
Your next career move. Sorted.
Search jobsbackground image

Contact us

© 2017 - 2026 SonicJobs Inc. All rights reserved

Terms & Conditions | Privacy Policy | Browse Jobs