Staff DevSecOps

Job Description

VTEX is seeking a Staff Security Engineer - DevSecOps to enhance platform security without hindering development speed. This role focuses on integrating AppSec and CloudSec into the development process. The engineer will design and implement secure-by-default practices across the SDLC and cloud infrastructure, collaborating with Detection Engineering, Red Team, and platform teams.This individual will serve as a technical reference for secure architecture, lead vulnerability remediation, and drive initiatives to reduce the attack surface while fostering innovation. This is an engineering role embedded in the platform strategy, not a compliance position.Responsibilities:

• Design and maintain secure-by-default pipelines, IaC modules, and developer guardrails.
• Lead architectural reviews and threat modeling for platform-critical services.
• Identify and drive remediation of vulnerabilities across code, CI/CD, and cloud.
• Own security posture for core cloud infrastructure (CSPM, least privilege, K8s runtime protection).
• Collaborate with Detection Engineering on threat-informed defense.
• Act as AppSec and CloudSec technical lead on cross-functional engineering projects.
• Contribute to tooling strategy for SAST, secrets management, IaC scanning, and CSPM.
• Partner with engineering and DevOps to evolve secure paved roads and templates.
• Guide internal security champions and mentor other engineers.
• Support post-incident forensics and validate fixes through regression testing.

Requirements:

• Solid background as a software engineer, platform engineer, or SRE.
• Experience building or securing production systems in cloud-native environments (AWS, Kubernetes, Terraform).
• Familiarity with threat modeling, secure architecture, and modern attack surfaces.
• Practical experience with security tooling: SAST, secrets scanning, IaC scanning.
• Ability to reason about risk and prioritize effectively.
• Comfortable navigating codebases, CI/CD pipelines, and infrastructure stacks.
• Strong written and async communication skills.

VTEX offers:

• Annual profit-sharing program and equity eligibility.
• Health, dental, and life insurance with national coverage.
• Annual budget for professional development in Tech.
• Language development incentive program (English, Spanish, Portuguese).
• Flexible meal allowance.
• Extended parental leaves.
• Child-care assistance.
• Flexible work schedule and remote-first culture.
• Financial assistance to build your work-from-home setup.
• Wellness program.
• Free shipping on 1000+ VTEX stores.