DevSecOps Engineer

Engineering | Remote | Full-time

We are looking for a DevSecOps Engineer to embed security into every stage of our development and deployment lifecycle. You will be the bridge between development velocity and security rigor, ensuring that our CI/CD pipelines, infrastructure, and operational processes meet the highest security standards.

In this role, you will manage infrastructure-as-code for our multi-region Kubernetes deployment, automate vulnerability scanning and dependency auditing across all services, and build the tooling that enables our engineering teams to ship secure code quickly. You will also own our internal security posture and ensure we practice what we preach.

The ideal candidate is someone who thinks in systems and understands that security is not a gate at the end of a pipeline but a continuous property of the entire development process. You will work closely with platform engineers, security researchers, and the compliance team.

Responsibilities
  • Design and maintain CI/CD pipelines with integrated security scanning at every stage
  • Manage infrastructure-as-code (Terraform, Pulumi) for multi-region Kubernetes clusters
  • Implement and maintain container security scanning, SBOM generation, and policy enforcement
  • Automate vulnerability management workflows from detection through remediation
  • Build and maintain secrets management infrastructure and access control systems
  • Conduct periodic security assessments of internal infrastructure and development processes
Requirements
  • 4+ years of experience in DevOps, SRE, or DevSecOps roles
  • Strong proficiency with Kubernetes, Docker, and container orchestration at scale
  • Experience with infrastructure-as-code tools (Terraform, Pulumi, or CloudFormation)
  • Familiarity with CI/CD platforms (GitHub Actions, GitLab CI, or Jenkins)
  • Understanding of application security fundamentals (OWASP Top 10, SAST, DAST, SCA)
  • Experience with secrets management (Vault, AWS Secrets Manager, or similar)
Nice to Have
  • Experience implementing SOC 2 Type II or ISO 27001 controls in CI/CD pipelines
  • Background in supply chain security and SBOM tooling (Syft, Grype, Cosign)
  • CKS (Certified Kubernetes Security Specialist) or similar certification
  • Experience with zero-trust networking and service mesh security (Istio, Cilium)
What We Offer
  • Comprehensive health, dental & vision
  • Competitive equity package
  • $5K annual learning budget
  • $2K remote setup stipend
  • Generous PTO & flexible schedule
  • Annual team offsites

Interested in this role?

Send us your resume and a brief note about why you are excited about this position. We review every application and respond within five business days.