DevSecOps Engineer Resume Example

“DevSecOps engineer with 5 years integrating security practices into software development lifecycles and CI/CD pipelines. Expert in automating security scanning, container hardening, and infrastructure security, with a mission to make secure software delivery the default rather than the exception.”

• Integrated security scanning into 50+ CI/CD pipelines. Blocks 400+ vulnerable dependencies and 200+ code vulns per quarter before production
• Set up software supply chain security - SBOM generation, dependency pinning, and signed container images for 100+ microservices
• Built a compliance-as-code framework automating 300+ CIS benchmark checks. Keeps a 98% compliance score across Kubernetes
• Created container hardening standards that reduced CVE exposure by 75% using minimal base images, read-only filesystems, and runtime policies
• Ran a developer security training program with hands-on labs. Security findings in code dropped 50% within 6 months
• Responsible for maintaining and updating all security scanning tools in the pipeline - Snyk, Trivy, SonarQube, and Gitleaks
• Worked with development teams to triage and fix security findings. Not every vulnerability is critical - helped prioritize what matters
• Managed the pre-commit hooks that check for secrets and known vulnerable patterns before code even gets pushed
• Wrote policy-as-code rules in OPA/Rego for Kubernetes admission control. Blocked non-compliant workloads from deploying

Include these keywords in your resume to pass Applicant Tracking Systems.

• Certified Kubernetes Security Specialist (CKS)
• AWS Certified Security - Specialty