As a DevSecOps Engineer at Pismo, you will be a key player in embedding security into every stage of our software development lifecycle. You’ll work closely with engineering, platform, and GRC teams to ensure our cloud-native infrastructure and applications are secure, scalable, and compliant with industry standards.
What you will do:
- Design and implement security controls in CI/CD pipelines (Shift Left).
- Integrate SAST, SCA, and DAST tools into development workflows.
- Collaborate with developers to remediate vulnerabilities early in the lifecycle.
- Manage and monitor cloud security configurations (AWS, EKS, IAM, GuardDuty).
- Develop and maintain infrastructure-as-code (Terraform) with security best practices.
- Support red team exercises and penetration testing remediation.
- Ensure compliance with PCI DSS and secure handling of sensitive data (e.g., PAN, PII).
- Contribute to threat modeling, risk assessments, and incident response planning.
This is a remote position. A remote position does not require job duties be performed within proximity of a Visa office location. Remote positions may be required to be present at a Visa office with scheduled notice. #LI-Remote