The company is looking to enhance its inline code testing and reporting processes by implementing and administering application security tooling, integrating it into CI/CD pipelines, and providing support to development teams.
Requirements
- 4+ years of experience in application security and software development.
- 2+ years of experience implementing, administering, and supporting application security tooling such as SAST/DAST/IAST/SCA.
- Strong knowledge of secure coding practices across multiple programming languages (esp. Java, Node.js).
- Experience integrating security testing into CI/CD pipelines via solutions such as GitHub Actions and Azure DevOps.
- Strong knowledge of application security principles and common vulnerabilities (e.g., OWASP Top 10, CWE) and their associated mitigations.
- Experience supporting developers with assessing and mitigating application security test findings.
- Experience implementing DevSecOps workflows in cloud environments such as AWS and Azure.
Responsibilities
- Implementing and maintaining Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify code and dependency vulnerabilities during the software development lifecycle.
- Implementing and maintaining Application Security Posture Management (ASPM) tools to centralize and deduplicate findings from multiple solutions and integrate into software development processes.
- Acting as the first line of support for users by helping resolve false positives, providing guidance on finding remediation, and evaluating security exception requests.
- Integrating security tooling with Continuous Integration/Continuous Deployment (CI/CD) pipelines.
- Developing detailed reports on security findings and remediation efforts.
- Demonstrating high proficiency across a wide range of technologies and platforms related to application security, software design and development, containerization, and cloud environments.
Other
- This position can be virtual anywhere in the U.S.
- Ability to effectively communicate technical findings to both technical and non-technical stakeholders.