Senior Configuration Engineer, Product AppSec

#LI-REMOTE #LI-JC2

About the Role

We're looking for a Senior Configuration Engineer to lead the strategy, architecture, and operational maturity of enterprise software release management and delivery automation across cloud-native and enterprise product environments. You'll work at the intersection of Engineering, DevOps, Platform Engineering, Security, QA, and Product teams to improve release orchestration, deployment automation, artifact management, and software supply chain integrity. This role defines release engineering standards, modernizes CI/CD delivery practices, and establishes scalable governance frameworks that support both traditional enterprise software and modern cloud and AI-based products. 

Due to the fact that this position will deal with highly sensitive data and will support federal customers, we are only considering US citizens at this time. Security clearance is not required, but there is a slight chance it maybe requested in the future 

What You’ll Do

• Architect and lead scalable release orchestration workflows across cloud-native, SaaS, enterprise, and AI product environments, including quality gates and automated validation throughout the SDLC
• Design and maintain enterprise CI/CD platforms, implementing progressive delivery strategies such as blue/green deployments, canary releases, and phased rollouts
• Lead enterprise software packaging and artifact lifecycle management, including SBOM generation, artifact signing, provenance, dependency validation, and binary integrity verification
• Establish release governance frameworks with defined KPIs — deployment frequency, change failure rate, MTTR, and lead time — driving operational stability and incident reduction
• Embed DevSecOps principles into release workflows, collaborating with Security Engineering to integrate scanning, policy enforcement, compliance automation, and vulnerability validation
• Serve as the technical authority for release engineering standards, mentoring engineers and guiding teams on release automation, deployment strategies, and CI/CD best practices
• Communicate release readiness, operational risks, and deployment strategies to both technical and executive stakeholders 

Technologies You’ll Work With

• CI/CD platforms: Azure DevOps, Jenkins, GitLab CI/CD
• IaC and automation: Terraform, Ansible, cloud-init, Bash, PowerShell, Python
• Artifact management: JFrog Artifactory, Azure Artifacts, container registries
• Cloud: Azure (primary), including CIS Azure Foundations and Azure networking and identity management
• Security platforms: Wiz, Defender for Cloud, Checkmarx, Sentinel
• Containerization: Docker, Kubernetes 

What You’ll Bring

• 8+ years of experience in Release Engineering, DevOps, Platform Engineering, or SRE
• Demonstrated experience leading architecture of release and artifact management platforms at enterprise scale, including artifact signing, supply chain integrity, and secrets management
• 3+ years managing Azure and Azure DevOps environments
• Strong proficiency with Terraform, Ansible, cloud-init, Bash, and GitOps for infrastructure automation
• Track record of technical leadership: mentoring senior engineers, leading cross-team initiatives, and driving organization-wide release practices
• Bachelor's degree in Computer Science, Engineering, or equivalent experience 

Bonus Skills

• Experience in regulated or compliance-driven environments with formal security posture management
• Familiarity with software supply chain security frameworks (SLSA, NIST SSDF, OWASP SCVS)
• On-call availability and demonstrated incident response experience
• Relevant certifications such as AZ-400, CCSP, CSSLP, or GWEB