Principal DevSecOps Engineer (Remote)
Location: Austin
Posted on: June 23, 2025
|
|
|
Job Description:
Company Description AbbVie's mission is to discover and deliver
innovative medicines and solutions that solve serious health issues
today and address the medical challenges of tomorrow. We strive to
have a remarkable impact on people's lives across several key
therapeutic areas immunology, oncology, neuroscience, and eye care
and products and services in our Allergan Aesthetics portfolio. For
more information about AbbVie, please visit us at www.abbvie.com .
Follow @abbvie on X , Facebook , Instagram , YouTube , LinkedIn and
Tik Tok . Job Description Become a key player in our Information
Security team as a Principal DevSecOps Engineer, where you will
leverage your expertise in application security, security
engineering, and software development to support and enhance our
inline code testing and reporting processes. This role involves the
implementation and administration of application security tooling,
integration into CI/CD pipelines, and providing support for
development teams using these products and consuming their
findings. This position can be virtual anywhere in the U.S.
Responsibilities Implementing and maintaining Application Security
Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify code
and dependency vulnerabilities during the software development
lifecycle. Implementing and maintaining Application Security
Posture Management (ASPM) tools to centralize and deduplicate
findings from multiple solutions and integrate into software
development processes. Acting as the first line of support for
users by helping resolve false positives, providing guidance on
finding remediation, and evaluating security exception requests.
Integrating security tooling with Continuous Integration/Continuous
Deployment (CICD) pipelines. Developing detailed reports on
security findings and remediation efforts. Demonstrate high
proficiency across a wide range of technologies and platforms
related to application security, software design and development,
containerization, and cloud environments. Qualifications Required:
Bachelors Degree and 8 years experience OR Masters Degree and 7
years experience OR PhD and 3 years experience 5 years of
experience in application security and software development 3 years
of experience implementing, administering, and supporting
application security tooling such as SAST/DAST/IAST/SCA Extensive
knowledge of secure coding practices across multiple programming
languages (esp. Java, Node.js) Extensive experience integrating
security testing into CICD pipelines Strong knowledge of
application security principles along with common vulnerabilities
(e.g., OWASP Top 10, CWE, etc.) and associated mitigations
Experience implementing and scaling DevSecOps practices and tooling
within large organizations Experience implementing DevSecOps
workflows in cloud environments such as AWS and Azure Experience
developing Infrastructure As Code (IAC) via solutions such as
TerraForm and/or CloudFormation Experience supporting developers
with assessing and mitigating application security test findings
Ability to effectively communicate technical findings to both
technical and non-technical stakeholders Demonstrated ability to
function as a principal engineer, generating original technical
ideas and strategies. Demonstrated creative 'out of the box'
thinking to solve difficult technical problems and champion new
technologies to achieve program goals. Excellent written and oral
English communication skills, as demonstrated by presenting at
leading scientific or technical conferences. Experience coaching
and supporting the development of junior engineers Preferred:
Experience implementing tooling to consolidate application security
test findings from multiple sources to facilitate developer
engagement and integrate with development workflows and tracking
systems Experience administering Snyk and Endor Labs Experience
integrating Cloud Security Posture Management (CSPM) tooling with
application security pipelines Experience automating workflows via
programming and scripting languages such as Python Experience
building logging into DevSecOps pipelines to gain insights into
pipeline performance Experience collaborating with vulnerability
and risk management partners to interface with risk management and
acceptance processes Additional Information Applicable only to
applicants applying to a position in any location with pay
disclosure requirements under state orlocal law: The compensation
range described below is the range of possible base pay
compensation that the Companybelieves ingood faith it will pay for
this role at the timeof this posting based on the job grade for
this position.Individualcompensation paid within this range will
depend on many factors including geographic location, andwemay
ultimatelypay more or less than the posted range. This range may be
modified in thefuture. We offer a comprehensive package of benefits
including paid time off (vacation, holidays,
sick),medical/dental/visioninsurance and 401(k) to
eligibleemployees. This job is eligible to participate in our
short-term incentiveprograms. This job is eligible to participate
in our long-term incentiveprograms Note: No amount of payis
considered to bewages or compensation until such amount is earned,
vested, anddeterminable.The amount and availability of any
bonus,commission, incentive, benefits, or any other form
ofcompensation and benefitsthat are allocable to a particular
employee remains in the Company's sole andabsolutediscretion unless
and until paid andmay be modified at the Companys sole and absolute
discretion, consistent withapplicable law. AbbVie is an equal
opportunity employer and is committed to operating with integrity,
driving innovation, transforming lives and serving our community.
Equal Opportunity Employer/Veterans/Disabled. US & Puerto Rico only
- to learn more, visit
https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation,
click here to learn more:
https://www.abbvie.com/join-us/reasonable-accommodations.html
Keywords: , Bryan , Principal DevSecOps Engineer (Remote), IT / Software / Systems , Austin, Texas
