Job Information
Motion Recruitment Partners Security Engineer in Phoenix, Arizona
Security Engineer
Phoenix, Arizona
Onsite
Contract
$60/hr - $65/hr
Join a technology services organization as a Security Engineer in a full-time role focused on operating code security scanning with emphasis on Secret Scanning using Datadog. This position can be onsite or hybrid/remote as approved. You'll be responsible for identifying exposed credentials, keys, tokens, and other secrets in repositories and pipelines while owning the end-to-end remediation lifecycle including triage, validation, rotation/revocation, replacement with secure patterns, and prevention controls to stop recurrence. Working closely with development teams and the Client Security Advisor, you'll build a repeatable operational model that produces audit-friendly evidence while implementing preventative controls to block secrets from landing in code.
This is an exceptional opportunity for a security engineer who wants to make immediate, measurable impact on application security posture. Unlike traditional security roles focused only on detection, you'll own the complete remediation lifecycle from finding secrets to ensuring they're properly rotated, replaced with secure patterns, and prevented from recurring. The hands-on nature of this role means you'll work directly with engineering teams, gaining deep understanding of CI/CD pipelines, Git workflows, and secure development practices. You'll build automation and runbooks that scale remediation efforts across the organization while establishing SLAs and operational processes for critical exposures. Working with Datadog Code Security provides experience with a leading security platform while developing transferable skills applicable to similar tools like GitHub Advanced Security, Snyk, or SonarQube. The role offers significant technical variety, from configuring scanning tools and triaging findings to writing scripts for automation and implementing policy gates in CI/CD pipelines. You'll partner with the Client Security Advisor to ensure remediation work meets audit requirements, gaining valuable experience in compliance and evidence collection. The position combines security engineering with DevSecOps practices, building expertise in secrets management, cloud identity patterns, and secure SDLC that are highly sought after in the market. With opportunities to implement preventative controls and standardize secure patterns across the organization, you'll drive cultural change toward security-first development practices.
Required Skills & Experience
4+ years in security engineering, DevSecOps, or application security
Strong hands-on experience with secrets management including vaults/KMS, rotation practices, and least privilege principles
Experience with Git workflows and CI/CD pipelines including PRs, build agents, and branching strategies
Proven experience with remediation in real engineering environments, not just detection
Ability to write scripts and automation using Python, PowerShell, or Bash for triage, validation, and remediation support
Strong communication and coordination skills across development teams and operations
Experience triaging security findings and distinguishing true positives from false positives
Understanding of credential rotation and revocation processes
Ability to assess severity based on blast radius, environment exposure, and privilege levels
Experience implementing secure secret management patterns
Desired Skills & Experience
Experience with Datadog Code Security or similar tools such as GitHub Advanced Security, Snyk, SonarQube, or Veracode
Familiarity with cloud identity and access patterns including Azure AD, managed identities, and key vault integrations
Knowledge of secure SDLC practices and common application security vulnerability classes
Experience implementing CI/CD security gates and policy enforcement
Background in DevSecOps or application security programs
Understanding of secret injection patterns including environment variables and vault/KMS integrations
Experience building runbooks and operational documentation
Familiarity with compliance and audit evidence requirements
Experience with on-call rotations for security incidents
Knowledge of container security and cloud-native patterns
What You Will Be Doing
Tech Breakdown
35% Secret Detection and Triage (configuring scanning, validating findings, assessing severity)
30% Remediation Execution (credential rotation, secure pattern replacement, verification)
20% Prevention and Automation (CI/PR checks, policy gates, scripting, developer guidance)
15% Operations and Reporting (runbooks, SLAs, evidence collection, progress tracking)
Daily Responsibilities
45% Hands-On Remediation (rotating credentials, removing secrets, implementing secure patterns)
30% Triage and Validation (analyzing findings, assessing severity, coordinating with teams)
25% Prevention and Documentation (building controls, automation, runbooks, reporting)
You will receive the following benefits:
Medical Insurance - Four medical plans to choose from for you and your family
Dental & Orthodontia Benefits
Vision Benefits
Health Savings Account (HSA)
Health and Dependent Care Flexible Spending Accounts
Voluntary Life Insurance, Long-Term & Short-Term Disability Insurance
Hospital Indemnity Insurance
401(k) including match with pre and post-tax options
Paid Sick Time Leave
Legal and Identity Protection Plans
Pre-tax Commuter Benefit
529 College Saver Plan
Motion Recruitment Partners (MRP) is an Equal Opportunity Employer. All applicants must be currently authorized to work on a full-time basis in the country for which they are applying, and no sponsorship is currently available. Employment is subject to the successful completion of a pre-employment screening. Accommodation will be provided in all parts of the hiring process as required under MRP’s Employment Accommodation policy. Applicants need to make their needs known in advance.
Specialization:
- Security Engineering