DevSecOps Engineer

Job Description

Coast is seeking a DevSecOps Engineer to be its first security-focused hire. This role is within the platform engineering team, where the candidate will help mature the organization's security practices. The DevSecOps Engineer will collaborate with the product team to maintain high compliance standards, focusing on areas like network security, cloud permissions, SIEM, code scanning, partner information requests, SOC2 compliance, and vendor security. The goal is to establish efficient processes that minimize friction and maximize visibility.This role involves:

• Improving security standards and innovating best practices.
• Influencing product design and implementation.
• Working with the compliance team to respond to partner requests and maintain SOC2 certification.
• Improving scanning to identify and remediate risks.
• Organizing the permissioning system.
• Championing security practices within the engineering culture.
• Maintaining security documentation.
• Balancing product velocity with security needs.

Requirements include:

• 3+ years of experience with engineering teams, improving security posture.
• Experience working with product engineers.
• Proficiency in automating tooling using shell or programming languages like Python or Javascript.
• Experience with Terraform/CloudFormation/Pulumi/CDK.
• Hands-on knowledge of cloud development (preferably AWS), especially IAM and SIEM.
• Ability to research, design, and implement security solutions.
• An owner mindset with a focus on continuous improvement.
• Knowledge of industry trends in CICD, networking, phishing, and vendor landscape.

Coast offers:

• Competitive salary, benefits, signing bonus, and equity.
• Medical, dental, and vision insurance.
• Unlimited paid time off.
• Paid parental leave.
• $400 accessories allowance.
• Free lunch every Friday.
• Education stipend.
• 401K.