Senior DevSecOps Engineer

Job Description

• Harden AWS and Kubernetes environments through automation, policy-as-code, and guardrails.
• Own and evolve our DevSecOps strategy across infrastructure and application pipelines.
• Drive end-to-end secure development practices: integrate security into CI/CD, build pre-commit hooks, and improve developer productivity without sacrificing security.
• Create and implement lightweight, scalable security controls that support fast-moving teams.
• Partner with engineering to identify and mitigate risks in architecture, design, and implementation stages.
• Participate in an on-call rotation to resolve critical/high-risk security issues as well as respond to security incidents with urgency and clarity.
• Identify opportunities to fix systemic gaps, reduce recurring pain points, and avoid reactive “whack-a-mole” cycles.

• 4+ years of experience in security engineering with a strong focus on DevSecOps and secure cloud infrastructure on AWS.
• Hands-on expertise with infrastructure-as-code tools (Terraform, CloudFormation) for AWS, as well as the Kubernetes ecosystem of tools.
• Strong coding/scripting skills in Python, Bash, or equivalent languages for automating security tasks.
• Experience with CI/CD platforms and integrating security controls early in the pipeline.
• Comfortable navigating ambiguity, driving clarity, and leading through execution in fast-paced environments.
• Willingness to go above and beyond, including submitting fixes and supporting teams directly when needed.
• Experience using AI to automate security tasks is a significant plus (e.g. log analysis, code review, alert triage).
• Familiarity with application security concepts is preferred, but not required.

• Equity
• Benefits