DevSecOps Engineer

The Role

We're seeking a DevSecOps Engineer to join our team and own the intersection of infrastructure, security, and compliance. This role goes beyond traditional DevOps: you'll be the guardian of our infrastructure security posture, ensuring every deployment, configuration, and system meets the highest security standards our enterprise clients demand.

While you'll be hands-on with day-to-day infrastructure operations, your lens will always be security-first. You'll think about threat models, attack surfaces, and compliance implications as you build and maintain our cloud infrastructure.

‍

What You'll Do

• Design, implement, and maintain secure cloud infrastructure on AWS using infrastructure-as-code principles with Terraform and Terraform Cloud
• Build security into every layer of our infrastructure, from network segmentation and secrets management to container security and access controls
• Own and evolve our security compliance programs, including maintaining SOC 2 certification and driving attainment of new certifications such as ISO 27001
• Lead GRC (Governance, Risk, and Compliance) initiatives, including security assessments, vendor questionnaires, and audit preparation
• Implement and manage security automation tools and workflows to continuously improve our security posture
• Develop and maintain security monitoring, logging, and alerting systems to detect and respond to potential threats
• Collaborate with engineering teams to ensure secure deployment practices and provide security guidance on architecture decisions
• Support enterprise client requirements including containerized deployments, security documentation, and compliance inquiries
• Conduct regular security reviews of infrastructure configurations, identifying and remediating vulnerabilities
• Stay current with security threats, compliance requirements, and industry best practices

‍

What We're Looking For

• Strong intermediate+ experience in DevOps/Infrastructure engineering with a security focus
• Hands-on experience with AWS services and security best practices (IAM, VPC, Security Groups, KMS, CloudTrail, etc.)
• Proficiency with Terraform and infrastructure-as-code methodologies
• Experience with compliance frameworks such as SOC 2, ISO 27001, or similar certifications
• Understanding of container security, including image scanning, vulnerability management, and secure deployment practices
• Knowledge of secrets management solutions and cryptographic best practices
• Experience with security automation tools and CI/CD pipeline security
• Familiarity with modern security tooling and monitoring solutions
• Strong understanding of network security, encryption, and authentication protocols
• Ability to translate complex security requirements into practical infrastructure implementations
• Excellent communication skills: you'll be interfacing with clients, auditors, and internal teams
• Self-motivated with the ability to work independently and prioritize effectively

‍

Nice to Have

• Experience supporting enterprise banking or financial services clients
• Knowledge of authentication and authorization protocols (OAuth, OIDC, CIBA, etc.)
• Familiarity with serverless architectures and AWS Lambda
• Experience with security incident response and forensics
• Relevant security certifications (AWS Security Specialty, CISSP, CEH, etc.)
• Contributions to open-source security projects
• Experience with pen testing or vulnerability assessment tools