Senior DevSecOps Engineer

Senior DevSecOps Engineer  

TitleSenior DevSecOps Engineer 

DepartmentR&D 

LocationNiwot, CO (Hybrid) 

Reports To 

About Us  

Established in 1972, Particle Measuring Systems is a global leader for micro-contamination monitoring equipment improving the performance of clean manufactures in the semiconductor and pharmaceutical industries.  We’re a growing technology company in Niwot, Colorado, the heart of the Rocky Mountains.  We offer an exceptional and rewarding work environment in a great place to live.  Our employees enjoy challenging projects in the development and manufacture of light scattering particle counters and diverse technologies and applications. 

Your Impact  

We are looking for a Senior DevSecOps Engineer who will contribute to the success of the R&D Team, applying their expertise in DevSecOps to support the achievement of team and company goals and deliver innovative, reliable solutions.  In this role, the successful candidate will collaborate effectively with colleagues and cross-functional teams, demonstrate strong problem-solving and decision-making skills, and maintain a commitment to professional excellence, quality and continuous improvement. 

The Role (manager input) 

Summary 

Job Responsibilities 

• Lead a DevSecOps team that builds and manages secure cloud environments and CI/CD pipelines integrating automated security testing, vulnerability management and compliance controls to support efficient and secure firmware and software delivery. 

• Define and implement security and compliance practices, including vulnerability scanning, dependency analysis, SBOM management, threat modeling, and secure coding standards with SAST, DAST, SCA and SBOM tools. 

• Collaborate with development teams to improve workflows, release strategies, automated testing environments and integrate security practices into the development process. 

• Automate the provisioning and configuration of servers, containers, and other infrastructure components using IaC and configuration management tools. 

• Administer and maintain binary repositories. 

• Implement and maintain monitoring and logging systems to ensure the health and performance of our CI/CD pipeline infrastructure. 

• Lead a team through the vulnerability management lifecycle; investigating and remediating security vulnerabilities and incidents in CI/CD pipelines and product releases. 

• Troubleshoot and resolve issues related to development, automated testing, and release, and security incidents, ensuring tight feedback loops and maximum value throughout. 

• Collaborate and communicate with development teams to capture performance metrics, identify bottlenecks, and implement improvement strategies. 

• Work with a cross-functional team to ensure product releases meet internal and regulatory cybersecurity standards. 

• Stay up to date with emerging technologies, industry trends, security frameworks, and software supply chain security best practices. 

• Recommend and procure new DevOps and cybersecurity related tools, work with legal to approve tools, track license agreements, communicate with vendors, plan upgrades and negotiate costs. 

• Actively participate in building and maintaining a strong DevSecOps team by establishing technical interview criteria and evaluating candidates through interviews. 

• Mentor and provide guidance to members of the DevSecOps team, firmware and software teams, fostering a culture of knowledge sharing, secure development practices and continuous learning/improvement. 

• Continuously evaluate processes for improvements in efficiency, quality, and safety. 

• This job description is not intended to be all-inclusive.  Responsibilities may evolve over time, and other related duties may be assigned to meet the ongoing needs of the company. 

Required Qualifications 

• Bachelor of Science in Computer Science or a related Engineering field. 

• 2 years of experience as a DevSecOps Engineer or security-focused DevOps Engineer and 5 total years of experience in engineering, with a strong understanding of software development practices and methodologies. 

• 2 years of experience as a technical lead within DevSecOps or other Engineering practices. 

• Development experience in either embedded firmware or software. 

• Experience integrating SAST, DAST, SCA and SBOM tools into CI/CD pipelines. 

• Hands-on experience managing binary repositories. 

• Proficiency with AWS or other major cloud platforms. 

• Proficiency in IaC and configuration management tools like. 

• Strong scripting skills in languages like Bash, Python, or PowerShell. 

• Experience using build tools such as CMake, Make, or custom toolchains. 

• Experience with containerization technologies such as Docker. 

• Working knowledge of CI/CD tools like Jenkins, Bitbucket Pipelines and GitHub Actions. 

• Familiarity with monitoring and logging tools such as Prometheus and Grafana. 

• Cyber Security knowledge and experience; solid understanding of cybersecurity principles, vulnerability management, and DevSecOps practices. 

• Experience implementing shift-left security across the product development lifecycle. 

• Excellent problem-solving and troubleshooting skills, with the ability to analyze complex systems and identify root causes. 

• Strong communication and collaboration skills, capable of working effectively in cross-functional teams. 

• Experience interviewing engineering candidates. 

Preferred Qualifications 

• Understanding of Agile, DevOps and DevSecOps methodologies, with experience embedding security into software development processes. 

• Expertise in Git and the Atlassian suite of software development tools including Bitbucket pipelines. 

• Experience integrating security scanning tools into CI/CD pipelines (SAST, DAST). 

• Familiarity with automated software composition analysis (SCA) and open-source compliance practices. 

• Familiarity with DORA metrics. 

• Cyber Security certifications such as CISSP, CCSP, Security+, AWS Certified Security - Specialty. 

• Experience with SBOM standards such as SPDX and CycloneDX. 

• Familiar with industry standards such as EN 18037 and IEC 62443. 

• Knowledge and experience with techniques required by EU Cyber Resilience Act, particularly with respect to vulnerability management. 

• Expertise in performing threat modeling and risk assessment. 

• Experience working alongside cybersecurity teams to ensure secure development practices and incident response readiness. 

• Previous experience in vendor management. 

• Experience in multi-disciplinary engineering environment. 

Work Environment & Physical Requirements 

• This role primarily operates in an office/lab/manufacturing environment. 

• Must be able to sit, stand, and use a computer for extended periods of time. 

• This is a hybrid position, “in-office” approximately 50% of the time. 

• Occasional lifting of up to 20 lbs. may be required. 

• Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions of this role. 

Compensation & Benefits 

• Competitive base salary range: $110,000 - $158,000 

• Our compensation philosophy: we offer competitive pay based on market data, including local, national, and industry benchmarks.  For new hires, offers are generally within the established min- to mid-point of the range for the role, with flexibility to recognize experience, skills, and education.  Our approach ensures fair pay internally while remaining competitive externally and allows room for growth.  

• Comprehensive benefits package: 

• Health coverage: medical, dental, vision, fsa, onsite clinic (CO employees), life insurance 

• 401(k) retirement plan with company match 

• Vacation, holiday, and leave policies 

• Tuition reimbursement, Employee recognition programs, Employee assistance programs 

Particle Measuring Systems is proud to be an Equal Opportunity Employer and are committed to building an inclusive and supportive workplace where everyone can thrive. 

#LI-JC1