Bandwidth Inc.

About the Company

Bandwidth is the universal communications platform that simplifies how businesses deliver integrated global experiences. It's flexible and ready to integrate with your entire communications stack. It's built on our own global network for unmatched reliability. And it's grounded in both telecom and real-world software expertise. So you can create exceptional experiences for customers—anywhere in the world.

Check out the platform that Cisco, Google, Microsoft, RingCentral, Uber, Zoom and more use to create unforgettable experiences.

Visit the link below to start communicating!

Listed Jobs

Company Name

Bandwidth Inc.

Job Title

Senior DevSecOps Engineer

Job Description

**Job Title:** Senior DevSecOps Engineer **Role Summary:** Design, implement, and maintain secure, automated CI/CD pipelines, cloud infrastructure, and observability solutions to embed security, compliance, and telemetry across all development and deployment stages. **Expectations:** - Deliver secure‑by‑default practices with shift‑left principles. - Integrate security tooling (SAST, DAST, SCA, IaC, CSPM, CWPP, SIEM, SOAR, EDR/XDR) across build, test, and deployment environments. - Build and maintain automated testing, compliance validation, and vulnerability data exchange frameworks. - Apply IaC and Policy‑as‑Code (Terraform, CloudFormation, OPA, Conftest) to enforce governance. - Consolidate observability (OpenTelemetry, Prometheus, DataDog, CloudWatch, Sumo Logic) and link telemetry to detection and response. - Implement secure configurations for AWS, Azure, and GCP using CSPM, CWPP, Zero‑Trust, and workload protection. - Collect, report, and improve DevSecOps metrics (vulnerability reduction, automation coverage, observability, compliance). - Support AI security initiatives, threat modeling, and model integrity testing. - Enable developers through secure coding training, tooling adoption, and champion programs. - Automate compliance evidence for SOC 2, ISO 27001, HIPAA, and FedRAMP. - Participate in incident response reviews and post‑mortem automation. **Key Responsibilities:** - Security tool integration and automation across CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, ArgoCD, Azure DevOps). - Development of reusable automation frameworks, APIs, and dashboards. - Collaboration with SecOps, AppSec, GRC, Cloud, and Engineering teams. - Continuous enforcement of governance, compliance, and Zero‑Trust controls. - Research and pilot emerging AI/ML threat detection and automated remediation solutions. **Required Skills:** - Deep knowledge of CI/CD tooling, IaC, and Policy‑as‑Code. - Proficiency in AWS, Azure, GCP security hardening, CSPM, CWPP, and Zero‑Trust. - Experience with security scanning (SAST, DAST, SCA, IaC, supply‑chain). - Strong scripting/automation skills (Python, Bash, Go, Terraform). - Expertise in observability (OpenTelemetry, Prometheus, DataDog, CloudWatch, Sumo Logic). - Familiarity with SOC 2, ISO 27001, HIPAA, FedRAMP, CIS, NIST, and FedRAMP benchmarks. - Ability to develop and maintain metrics, dashboards, and reporting. - Excellent communication for cross‑team collaboration and developer enablement. **Required Education & Certifications:** - Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or related discipline. - Relevant certifications (e.g., Certified DevSecOps Professional, AWS Certified Security – Specialty, GCP Professional Cloud Security Engineer, or equivalent).

Raleigh, United states

On site

Senior

03-02-2026