We are looking for a Security Analyst/DevSecOps enginee r with 3–5 years of experience in security operations, compliance, and cloud security, with a strong emphasis on Amazon Web Services (AWS) and exposure to DevOps/ DevSecOps practices . In this role, you will contribute to SOC operations, security assessments, and compliance programs (SOC 2, ISO 27001) while partnering closely with engineering teams to secure and support AWS environments and services. The ideal candidate will have hands-on experience with AWS security tools, IAM, networking, automation, and monitoring, and will be confident in supporting compliance evidence collection and addressing customer/vendor security assessments. Key Responsibilities
* Monitor and respond to security alerts, incidents, and vulnerabilities.
* Manage and optimize AWS security tools, including GuardDuty, Security Hub, CloudTrail, and IAM.
* Partner with engineering teams to enforce AWS security best practices
* Integrate security checks into CI/CD pipelines (SAST, DAST, IaC, container scanning)
* Support compliance efforts by gathering SOC 2 and ISO 27001 evidence.
* Respond to customer and vendor security questionnaires.
* Maintain playbooks, runbooks, and documentation to strengthen security operations.
* Assist in DevOps related tasks as needed.
Requirements: * 3–5 years of experience in security operations, cloud security, or DevOps roles
* Strong hands-on experience with AWS services and cloud security concepts.
* Familiarity with CI/CD pipelines and security tooling (e.g., Jenkins, GitLab CI).
* Understanding of IaC frameworks (Terraform, CloudFormation) and related security practices.
* Experience with SAST/DAST tools, container scanning, and vulnerability management in DevSecOps workflows.
* Nice to have: knowledge of compliance frameworks (SOC 2, ISO 27001, NIST, CIS Benchmarks).
* Nice to have - AWS Certified Security, AWS Solutions Architect Associate, or DevSecOps-related certifications. About the Company: Appdome's mission is to protect every mobile app worldwide and its users. We provide mobile brands with the only patented, centralized, data-driven Mobile Cyber Defense Automation platform. Our platform delivers rapid no-code, no-SDK mobile app security, anti-fraud, anti-malware, anti-cheat, anti-bot implementations, configuration as code ease, Threat-Events™ threat-aware UI/UX control, ThreatScope™ Mobile XDR, and Certified Secure™ DevSecOps Certification in one integrated system. With Appdome, mobile developers, cyber and fraud teams can accelerate delivery, guarantee compliance, and leverage automation to build, test, release, and monitor the full range of cyber, anti-fraud, and other defenses needed in mobile apps from within mobile DevOps and CI/CD pipelines. Leading financial, healthcare, m-commerce, consumer, and B2B brands use Appdome to upgrade mobile DevSecOps and protect Android & iOS apps, mobile customers, and businesses globally. Today, Appdome's customers use our platform to secure over 50,000+ mobile apps, with protection for over 2 billion mobile end users projected.
Appdome is an Equal Opportunity Employer. We are committed to diversity, equity, and inclusion in our workplace. We do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status, or any other characteristic protected by law. All qualified applicants will be considered for employment without regard to these characteristics.
This position is open to all candidates.