DevSecOps Engineer (contract)
Indexed description
Recognized as a top destination for innovators and champions of inclusion, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what is all about. Join us and be part of something extraordinary.
Job Summary:
We are seeking an DevSecOps Engineer to support enterprise application development teams by integrating security best practices throughout the Software Development Lifecycle (SDLC). This role is focused on application security architecture reviews, secure coding practices, vulnerability management, threat modeling, and collaboration with development teams to ensure applications are secure, compliant, and fit for purpose.
This role is a remote role that is also open to candidates who are interested in coming onsite located in Lake Mary, FL, Pittsburgh, PA, or New York, NY.
Key Responsibilities:
- Application Security Consulting: Serve as a Subject Matter Expert (SME) for application security initiatives, providing guidance and recommendations to development teams throughout the SDLC
- Security Architecture Reviews: Conduct security assessments and architecture reviews for new applications, platforms, and technology solutions to ensure compliance with security standards and best practices
- Secure Development Practices: Establish and promote secure coding guidelines, vulnerability management processes, and application security standards across development teams
- Vulnerability Assessment & Remediation: Identify security vulnerabilities through code reviews, security testing, and assessment activities while partnering with development teams on remediation strategies
- Code Review & Security Testing: Perform static, dynamic, and manual source code reviews, secure code analysis, and application security assessments
- Threat Modeling: Conduct threat modeling exercises during application design and development phases to identify and mitigate potential security risks
- DevSecOps Integration: Partner with engineering teams to integrate security controls, automated testing, and security tooling into CI/CD and DevOps pipelines
- Security Tool Enablement: Support developers in utilizing security scanning tools, vulnerability management platforms, and secure development technologies
- Risk Management: Track security findings, technical debt, remediation activities, and compliance requirements while ensuring timely resolution of security issues
- Client & Stakeholder Engagement: Collaborate with internal stakeholders and external clients to communicate security requirements, recommendations, and risk mitigation strategies
- AI Security Evaluation: Assist with security reviews of AI-enabled platforms and evaluate opportunities for leveraging AI development tools within secure software development practices
- Continuous Improvement: Stay current on emerging security threats, attack vectors, application security trends, and evolving industry best practices
- 3+ years of experience in Application Security, Security Engineering, Security Architecture, Software Development, or a related cybersecurity role
- Bachelor's degree in Computer Science, Cybersecurity, Information Security, or a related field
- Experience performing application security assessments, including penetration testing, secure code reviews, and vulnerability analysis
- Strong understanding of secure software development lifecycle (SSDLC) principles and secure coding best practices
- Experience identifying and remediating common application vulnerabilities, including OWASP Top 10 risks
- Ability to partner with development teams, conduct security architecture reviews, and provide guidance on secure application design
- Familiarity with programming languages such as Java, Python, or C/C++
- Strong communication, presentation, and stakeholder management skills
- Exposure to AI-assisted development tools or AI-enabled applications
- Experience supporting DevSecOps practices and integrating security into CI/CD pipelines
- Experience working in large enterprise or regulated environments
- Background as a software developer who transitioned into application security
At BNY, our culture speaks for itself, check out the latest BNY news at:
BNY Newsroom
BNY LinkedIn
Here’s a few of our recent awards:
America’s Most Innovative Companies, Fortune, 2025
World’s Most Admired Companies, Fortune 2025
“Most Just Companies”, Just Capital and CNBC, 2025
Pay Rate Range
58.4 - 73 USD hourly
Additional Notes
Applications will be accepted on an ongoing basis.
This posting is for a contract assignment with Tundra Technical Solutions to provide services to Bank of New York (BNY). Please note that this is not a full-time employment opportunity. Candidates selected for this role will be engaged as contractors for the specified duration of the project. For any inquiries regarding the terms of the contract or engagement, please contact Tundra Technical Solutions directly.
Benefits Information
Optional benefits offering include medical, dental, vision and retirement benefits via Tundra Technical Solutions.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search