Senior DevSecOps Engineer | Bankrate

Red Ventures
$130,000 - $225,000Hybrid

About The Position

Platform Engineering builds the foundations our product teams ship on — deployment, infrastructure, and security. We're hiring a DevSecOps Engineer to be the technical owner of our security posture and a force multiplier for every engineer at the company. This is a build-the-function role, not a ticket-taking role. You'll treat security as code, bake it into the development lifecycle, and automate the toil away so teams can ship fast and safely. You'll have unusually broad ownership and unusually high impact.

Requirements

  • 5+ years in security engineering, DevSecOps, or platform/infrastructure engineering with a strong security focus (Staff level: 8+ years and a track record of building security functions or programs).
  • Deep hands-on cloud security experience (compute, networking, IAM, key management, logging) on a major cloud provider.
  • Strong infrastructure-as-code skills, especially Terraform, including policy-as-code.
  • Proven CI/CD security experience: building pipeline security controls (SAST/SCA, secret scanning, dependency and container scanning) into developer workflows.
  • Hands-on vulnerability management at scale: triage, prioritization, SLA-driven remediation, and the automation to make it sustainable.
  • Working knowledge of SOC 2 (or comparable frameworks) and what it takes to implement and evidence controls in a real engineering environment.
  • Fluency with the categories of modern cloud security tooling — CSPM, ASPM/SAST and secret scanning, compliance automation, and SIEM (e.g., tools such as Wiz, Prisma Cloud, Snyk, Drata, Vanta, or equivalents).
  • Strong coding/scripting ability to build automation, not just configure tools — you write the pipelines, modules, and tooling that scale security across many services.
  • Experience standing up or maturing an in-house security function.
  • Multi-cloud exposure and experience securing an internal developer platform.
  • Security monitoring and detection/alerting design.
  • Experience applying AI/LLM tooling to security operations — auto-remediation, evidence generation, agentic workflows.

Responsibilities

  • Own the engineering side of our compliance program (SOC 2 Type 2): implementing controls, collecting evidence, and keeping us audit-ready.
  • Operate our compliance automation platform — integrations, evidence pipelines, and mapping controls to real implementation.
  • Productize compliance: policy-as-code, automated evidence generation, and guardrails so passing audits doesn't slow product delivery.
  • Own cloud security posture management and runtime security tooling: posture monitoring, container and IaC scanning, and runtime coverage across our environment.
  • Triage and remediate findings against demanding SLAs, and design the automation and alerting that keeps pace with volume manual effort can't.
  • Build auto-remediation workflows — including AI-assisted pipelines — that detect, file, and (where safe) fix findings with minimal human intervention.
  • Build and maintain CI/CD security gates: SAST/SCA, secret scanning, SBOM generation, dependency management, and container/IaC scanning — implemented as reusable pipeline components and enforced through automated policy.
  • Encode security and compliance controls into infrastructure-as-code and policy-as-code so the easy path is the secure path.
  • Help close the prototype-to-production gap: turn fast-moving prototypes into production-grade, secure-by-default systems with automated guardrails.
  • Make secure-by-default the norm through our internal tooling, so the right controls are applied automatically rather than relying on engineers to remember.
  • Build the automation the team runs on — reusable modules, pipeline components, and AI/agentic tooling that turn manual security work into self-service capability.
  • Partner with corporate security and GRC functions while building and maturing our in-house security capability, so the team can make sound security decisions quickly and independently.

Benefits

  • Health Insurance Coverage (medical, dental, and vision)
  • Life Insurance
  • Short and Long-Term Disability Insurance
  • Flexible Spending Accounts
  • Holiday Pay
  • 401(k) with match
  • Employee Assistance Program
  • Paid Parental Bonding Benefit Program
  • Flexible Paid Time Off (PTO): We believe time to rest and recharge is essential. That’s why we offer a generous and flexible PTO policy. Full-time employees accrue 20 days of PTO for a full calendar year annually, with an increase to 25 days after five years of service.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service