Devsecops Engineer Jobs in USA with Visa Sponsorship
DevSecOps Engineers are strong H-1B candidates, the role meets USCIS specialty occupation standards through its required expertise in cloud security, CI/CD pipelines, and infrastructure automation. Employers actively sponsor because qualified candidates are genuinely scarce. For detailed occupation requirements, see the O*NET profile.
See All Devsecops Engineer JobsOverview
Showing 5 of 67+ Devsecops Engineer jobs
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
Have you applied for this role?
See all 67+ Devsecops Engineer jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Devsecops Engineer roles.
Get Access To All JobsPosition Description: We are seeking a hands-on DevSecOps/AI Security Engineer to embed security through our SDLC, cloud platforms, and machine learning pipelines. You will integrate and automate security controls in continuous integration and continuous delivery pipelines, harden cloud and containerized environments, and secure AI/ML systems across the full lifecycle, from data ingestion and training to model development and inference. This role closely partners with software engineers, IT operations and market segment leadership to reduce risk while maintaining delivery velocity. A flexible hybrid-remote work schedule is available after 30 days of employment.
Typical responsibilities include:
SECURE SDLC & CI/CD
- Review and triage findings from code, dependency, and infrastructure scans; drive remediation with software engineer teams and track to closure.
- Perform secure code reviews for high risk changes, focusing on authentication, authorization, input validation, crypto, and secrets handling.
CLOUD & CONTAINER SECURITY
- Continuously validate cloud posture (Azure/AWS) against guardrails (CSPM/Policy-as-Code); open tickets for misconfigurations and follow through.
- Harden Containers: enforce admission controls, image provenance, runtime policies, and least-privilege service accounts.
AI/ML SECURITY
- Test AI systems for adversarial risks daily (prompt injection, data poisoning indicators, model theft, jailbreaks, indirect prompt attacks).
- Validate privacy & compliance in AI use cases (PII masking, DLP, consent flags) and enforce policy in pipelines and serving layers.
IDENTITY, SECRETS & ACCESS
- Rotate and validate secrets in code, pipelines, and model infra (KMS, vaults); eliminate hardcoded credentials and enforce short lived tokens.
- Review access patterns (human and service principals) for AI training/inference resources; ensure least privilege and conditional access.
DETECTION & INCIDENT READINESS
- Tune detections for DevSecOps and AI signals (SIEM/SOAR rules for code repositories, registries, pipelines, model endpoints).
- Investigate alerts rapidly, perform root cause analysis, and document playbook steps/improvements.
Policy, Compliance & Documentation
- Update runbooks and security guidelines (secure coding, AI model handling, data privacy) as changes land.
- Log evidence for controls (scan results, approvals, sign-offs) to support audits (SOC 2, ISO 27001, HIPAA, etc.).
- Maintain a safe working environment.
Education & certification:
- Bachelors degree in Cybersecurity, Computer Science, Software Engineering
- EC-Council Certified DevSecOps Engineer (Highly Desired)
- ISACA Advanced AI Security Management (Highly Desired)
Skills/Experience
- 5+ years of experience with cloud platform services and DevSecOps practices.
- Strong organizational skills and attention to detail.
- Must be able to communicate effectively with cross-functional teams.
- Ability to manage multiple projects and deadlines.
- Ability to work independently and as part of a team in a fast-paced environment.
Position Description: We are seeking a hands-on DevSecOps/AI Security Engineer to embed security through our SDLC, cloud platforms, and machine learning pipelines. You will integrate and automate security controls in continuous integration and continuous delivery pipelines, harden cloud and containerized environments, and secure AI/ML systems across the full lifecycle, from data ingestion and training to model development and inference. This role closely partners with software engineers, IT operations and market segment leadership to reduce risk while maintaining delivery velocity. A flexible hybrid-remote work schedule is available after 30 days of employment.
Typical responsibilities include:
SECURE SDLC & CI/CD
- Review and triage findings from code, dependency, and infrastructure scans; drive remediation with software engineer teams and track to closure.
- Perform secure code reviews for high risk changes, focusing on authentication, authorization, input validation, crypto, and secrets handling.
CLOUD & CONTAINER SECURITY
- Continuously validate cloud posture (Azure/AWS) against guardrails (CSPM/Policy-as-Code); open tickets for misconfigurations and follow through.
- Harden Containers: enforce admission controls, image provenance, runtime policies, and least-privilege service accounts.
AI/ML SECURITY
- Test AI systems for adversarial risks daily (prompt injection, data poisoning indicators, model theft, jailbreaks, indirect prompt attacks).
- Validate privacy & compliance in AI use cases (PII masking, DLP, consent flags) and enforce policy in pipelines and serving layers.
IDENTITY, SECRETS & ACCESS
- Rotate and validate secrets in code, pipelines, and model infra (KMS, vaults); eliminate hardcoded credentials and enforce short lived tokens.
- Review access patterns (human and service principals) for AI training/inference resources; ensure least privilege and conditional access.
DETECTION & INCIDENT READINESS
- Tune detections for DevSecOps and AI signals (SIEM/SOAR rules for code repositories, registries, pipelines, model endpoints).
- Investigate alerts rapidly, perform root cause analysis, and document playbook steps/improvements.
Policy, Compliance & Documentation
- Update runbooks and security guidelines (secure coding, AI model handling, data privacy) as changes land.
- Log evidence for controls (scan results, approvals, sign-offs) to support audits (SOC 2, ISO 27001, HIPAA, etc.).
- Maintain a safe working environment.
Education & certification:
- Bachelors degree in Cybersecurity, Computer Science, Software Engineering
- EC-Council Certified DevSecOps Engineer (Highly Desired)
- ISACA Advanced AI Security Management (Highly Desired)
Skills/Experience
- 5+ years of experience with cloud platform services and DevSecOps practices.
- Strong organizational skills and attention to detail.
- Must be able to communicate effectively with cross-functional teams.
- Ability to manage multiple projects and deadlines.
- Ability to work independently and as part of a team in a fast-paced environment.
How to Get Visa Sponsorship as a Devsecops Engineer
Frame your skills around the specialty occupation standard
USCIS approves H-1B petitions when the role requires a specific bachelor's degree or higher. Emphasize that your position demands a degree in computer science, cybersecurity, or information systems, not just general IT experience.
Target employers with a proven H-1B track record
Large tech firms, defense contractors, and financial institutions file H-1B petitions for DevSecOps roles regularly. Companies with established immigration programs move faster and make fewer petition errors than first-time sponsors.
Certifications strengthen your petition, not just your resume
CISSP, AWS Security Specialty, and CKS certifications signal specialized knowledge that supports the specialty occupation argument. Include them in your visa documentation, not just your job applications, they reinforce degree equivalency.
Address the security clearance question early
Some DevSecOps roles require U.S. security clearances, which visa holders typically cannot obtain. Clarify clearance requirements before investing time in the application process to avoid late-stage rejections.
Get your job description language right before the LCA is filed
The Labor Condition Application must reflect actual job duties. Vague descriptions like 'supports security operations' are weaker than 'designs and implements automated vulnerability scanning pipelines in Kubernetes environments.' Work with your employer on specificity.
Use Migrate Mate to filter for verified sponsoring employers
Not every job posting that lists DevSecOps duties is from a company willing to sponsor. Migrate Mate surfaces roles from employers who have sponsored visas before, saving you from applying to positions that will stall at the immigration stage.
Devsecops Engineer jobs are hiring across the US. Find yours.
Find Devsecops Engineer JobsSee all 67+ Devsecops Engineer jobs
Sign up for free to unlock all listings, filter by visa type, and get alerts for new Devsecops Engineer roles.
Get Access To All JobsFrequently Asked Questions
Does DevSecOps qualify as a specialty occupation for H-1B purposes?
Yes, DevSecOps Engineer consistently qualifies as a specialty occupation under USCIS standards. The role requires theoretical and practical application of highly specialized knowledge in security engineering, cloud infrastructure, and software development, and a bachelor's degree or higher in computer science, cybersecurity, or a closely related field is a normal industry requirement for entry into the position.
What degree do I need for an employer to sponsor my H-1B as a DevSecOps Engineer?
A bachelor's degree in computer science, information security, software engineering, or a related technical field is the standard requirement. If your degree is in a different field, substantial coursework in security or systems combined with relevant certifications (CISSP, AWS Security Specialty) may support the petition, but your employer's immigration attorney will need to build that argument carefully.
Are DevSecOps roles harder to sponsor than general software engineering roles?
Not harder, but more scrutinized. USCIS pays close attention to job descriptions that blend operations and development, sometimes questioning whether the role is truly specialized or more of a generalist IT position. A well-drafted petition that details specific security engineering duties, required tools, and degree alignment addresses this directly. Employers who sponsor frequently know how to structure these petitions.
Can I find DevSecOps jobs that explicitly offer visa sponsorship?
Yes. Migrate Mate lists DevSecOps Engineer roles from employers with confirmed H-1B sponsorship history, so you're not guessing which postings are realistic. Many DevSecOps openings at cloud-native companies, defense technology firms, and large financial institutions include sponsorship as a standard hiring option given how difficult these roles are to fill domestically.
Do security clearance requirements disqualify visa holders from DevSecOps roles?
For roles requiring active U.S. security clearances (Secret, Top Secret, TS/SCI), visa holders are generally ineligible because clearances require U.S. citizenship or permanent residency. However, many DevSecOps positions at commercial companies, cloud providers, and non-defense contractors have no clearance requirement. Filter your search to clearance-optional roles to avoid wasted applications.
What is the prevailing wage requirement for sponsored Devsecops Engineer jobs?
U.S. employers sponsoring a visa must pay at least the prevailing wage, which is what workers in the same role, area, and experience level typically earn. The Department of Labor sets this rate to make sure companies aren't hiring foreign workers simply because they'd accept lower pay than a U.S. worker. It varies by job title, location, and experience. You can look up current prevailing wage rates for any occupation and location using the OFLC Wage Search page.
See which Devsecops Engineer employers are hiring and sponsoring visas right now.
Search Devsecops Engineer Jobs