Skip to Content

DevSecOps Engineer

--OPEXOR UAE--

As a member of our organization, you will work cross-functionally with teams across the business to design, build, and deliver innovative, market-leading products. You will join a growing company that offers competitive benefits, clear opportunities for career advancement, and the chance to learn and grow alongside accomplished industry leaders. We are seeking an experienced, high-performing professional who is motivated to make a meaningful impact.

This role requires both creativity and analytical rigor The ideal candidate is proactive, solution-oriented, and demonstrates a strong sense of ownership with a results-driven mindset. Success in this position requires excellent problem-solving skills and the ability to execute effectively in a fast-paced environment.

Customer Relationship
Personal Evolution
Autonomy
Administrative Work
Technical Expertise

Role Overview


  • Opexor is seeking a DevSecOps Engineer to integrate security controls into CI/CD pipelines and support secure software delivery for a regulated financial services environment. 
  • The role will implement SAST, SCA, secrets scanning, dependency scanning, DAST, security gates, vulnerability workflows, SIEM alerts, compliance evidence, and secure pipeline controls. 
  •  


Key Responsibilities


  • ntegrate DevSecOps controls into Azure DevOps pipelines.  
  • Configure SAST, SCA, secrets scanning, dependency scanning, DAST, and optional IaC or container scanning.  
  • Implement SonarQube or equivalent code quality and security gates.  
  • Define and implement security gate thresholds for critical, high, medium, and low findings.  
  • Configure scan result publishing and developer feedback in pull requests and pipeline reports.  
  • Support vulnerability management workflows, including findings ingestion, SLA tracking, remediation backlog, re-test, and closure.  
  • Map DevSecOps controls to OWASP Top 10, SAMA, NCA, PCI-DSS, or equivalent security frameworks.  
  • Integrate critical findings and pipeline failures with SIEM or incident management workflows.  
  • Support ITSM integration for change and release evidence.  
  • Ensure secrets are managed through approved vaulting solutions and are not exposed in pipeline logs.  
  • Support AI-aware DevSecOps controls, including human validation, audit logging, and governed recommendation handling where applicable.  
  • Prepare DevSecOps runbooks, evidence templates, and KT materials.  
  •  


Required Skills and Experience


  • 7+ years of technology or cybersecurity experience.  
  • 4+ years of DevSecOps implementation experience.  
  • Hands-on experience with Azure DevOps security tool integration.  
  • Experience with SAST, SCA, secrets scanning, dependency scanning, DAST, and vulnerability management.  
  • Experience with SonarQube or equivalent quality gate tools.  
  • Strong understanding of OWASP Top 10, secure coding practices, CVSS, vulnerability prioritization, and remediation workflows.  
  • Experience with Azure Key Vault or equivalent secrets management tools.  
  • Experience integrating security alerts with SIEM, SOC, or incident management workflows.  
  • Experience preparing audit-ready evidence for regulated environments.  
  • Familiarity with SAMA, NCA, PCI-DSS, or similar compliance frameworks is preferred.  
  • Strong scripting and automation skills are preferred.  
  • Understanding of AI-aware security controls is a plus.  



Required Certifications


  • Certified Secure Software Lifecycle Professional, CSSLP.  
  • DevSecOps Foundation or DevSecOps Engineering certification.  
  • Microsoft Certified: DevOps Engineer Expert.  
  • Certified Kubernetes Security Specialist, CKS, is a plus.  
  • CISSP, CISM, CompTIA Security+, or equivalent security certification is a plus. 


Expected Deliverables


  • DevSecOps scan integration.  
  • SAST, SCA, secrets scan, dependency scan, and DAST pipeline tasks.  
  • Security gate policies and thresholds.  
  • Vulnerability workflow configuration.  
  • Compliance control mapping.  
  • Scan reports and audit evidence templates.  
  • SIEM alerting integration design or configuration.  
  • DevSecOps runbooks and handover materials. 



Key Responsibilities

  • Present technical solutions
  • Meet sprint objectives
  • Translate requirements into solutions
  • Design and build systems
  • Maintain platforms and integrations

Must Have

  • Bachelor Degree or Higher
  • Passion for software products
  • Perfect written English
  • Highly creative and autonomous
  • Valid work permit for GCC

Nice to have

  • Technical documentation experience
  • Multi-language programming skills
  • Cloud platform and AI exposure
  • Strong analytical skills

What Makes This Role Rewarding?


  • A highly capable team of professionals working within a collaborative, inclusive, and transparent culture
  • Strong leadership that empowers teams with effective tools, sound decision-making, and flexible work practices
  • A streamlined operating environment that minimizes bureaucracy and enables ownership, accountability, and autonomy
  • Opportunities to broaden industry knowledge by working across diverse business sectors
  • The ability to design and deliver impactful technical solutions that provide ongoing value to customers and end users.
  • Meaningful responsibilities and engaging challenges within a fast-growing, continuously evolving organization

What We Offer

At Opexor, every team member, whether working remotely or in person, has the opportunity to see the direct impact of their work and contribute meaningfully to the company’s success. We value ownership, accountability, and outcomes, ensuring individual contributions are visible and recognized.
We actively foster connection and engagement across distributed teams through a mix of virtual and in-person initiatives, including wellness activities, team-building events, knowledge-sharing sessions, and social gatherings designed to strengthen collaboration and culture regardless of location.


Perks

Competitive compensation package
Flexible PTO.


Professional Development

Grow expertise with enterprise grade platforms.


Team Collaboration

Join a skilled supportive engineering team.


Travel

Depending on the role, opportunities for international travel and professional exposure may be available.