Sr DevSecOps Engineer

Location:

4910 Tiedeman Road, Brooklyn Ohio

Job Summary
The Senior DevSecOps Engineer provides leadership in the areas of cloud security, compliance, and automation. This role is responsible for implementing and managing security practices across the DevOps lifecycle, including vulnerability remediation, certificate and identity management, and security monitoring. The engineer will also contribute to the development of automated security frameworks and integrate security tools into CI/CD pipelines to support secure and scalable cloud deployments.

Essential Functions

• Lead daily security and compliance efforts across cloud platforms (GCP, Azure, AWS).
• Manage vulnerability scanning, remediation, and reporting using tools like Tenable and NMAP.
• Oversee certificate management, identity and access management, and key management systems.
• Analyze security monitoring outputs and develop automated responses.
• Develop and maintain automated security frameworks using scripting languages (e.g., Bash, Python).
• Integrate security tools into CI/CD pipelines using APIs and plugins.
• Collaborate with DevOps, development, and engineering teams to implement DevSecOps practices.
• Mentor and lead team members in security concepts and best practices.
• Participate in Agile development processes, including user stories, continuous integration, and delivery.
• Ensure compliance with standards such as PCI-DSS, HIPAA, SOX, GDPR, and CCPA.
• Adhere to technical standards and contribute to their evolution.
• Performs other duties as assigned; duties, responsibilities and/or activities may change or new ones may be assigned at any time with or without notice
• Complies with all KeyBank policies and procedures, including without limitation, acting professionally at all times, conducting business ethically, avoiding conflicts of interest, and acting in the best interests of Key’s clients and Key.

Education

• Bachelor's Degree in computer science or a related field, or equivalent experience. (required)

Work Experience

• 3+ years of experience in a production engineering, DevOps, or security-focused role. (required)
• Experience coordinating and performing vulnerability assessments and audits. (required)

Licenses and Certifications

• CISM, CISSP, or equivalent security certifications (required)
• Auditing and compliance certifications such as CISA, PCI-ISA, or PCIP. (preferred)

Skills

• Leading security efforts across cloud platforms (GCP, Azure, AWS) and ensuring adherence to standards like PCI-DSS, HIPAA, and NIST.
• Performing scanning, remediation, and reporting using tools like Tenable and NMAP.
• Developing automated security frameworks using Bash, Python, or similar scripting languages.
• Embedding security tools and practices into continuous integration and delivery pipelines.
• Managing certificates, keys, and access controls across cloud environments.
• Analyzing monitoring outputs and implementing automated responses to threats.
• Working closely with DevOps and engineering teams to embed security into the development lifecycle.
• Applying frameworks such as CIS, NIST, and RFC2196 to guide security practices.
• Guiding team members in security best practices and fostering a strong security culture.
• Diagnosing complex security issues and developing effective, scalable solutions.
• Experience working in dynamic environments with cross-functional teams.

Core Competencies

• All KeyBank employees are expected to demonstrate Key’s Values and abide by Key’s Code of Conduct.

Physical Demands

• General Office - Prolonged sitting, ability to communicate face to face in person or on the phone with teammates and clients, frequent use of PC/laptop, occasional lifting/pushing/pulling of backpacks, computer bags up to 10 lbs.

Work Location Category

• Hybrid (2+ days)

COMPENSATION AND BENEFITS

This position is eligible to earn a base salary in the range of $112,000.00 - $210,000.00 annually. Placement within the pay range may differ based upon various factors, including but not limited to skills, experience and geographic location. Compensation for this role also includes eligibility for incentive compensation subject to individual and company performance.

Please click here for a list of benefits for which this position is eligible.

Key has implemented an approach to employee workspaces which prioritizes in-office presence, while providing flexible options in circumstances where roles can be performed effectively in a mobile environment.

Job Posting Expiration Date: 01/24/2026 KeyCorp is an Equal Opportunity Employer committed to sustaining an inclusive culture. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, genetic information, pregnancy, disability, veteran status or any other characteristic protected by law.

Qualified individuals with disabilities or disabled veterans who are unable or limited in their ability to apply on this site may request reasonable accommodations by emailing HR_Compliance@keybank.com.

#LI-Remote