Senior DevSecOps Engineer

About The Position

Requirements

• 5–8 years of experience in DevOps, DevSecOps, SRE, Cloud Engineering, or Platform Engineering roles
• Strong hands-on AWS experience: EC2, EKS, IAM, VPC, S3, and related services
• Production Kubernetes experience including cluster operations and workload security
• Experience building and maintaining CI/CD pipelines with integrated security tooling
• Working knowledge of SOC 2 or similar compliance frameworks and their operational implications
• Infrastructure-as-code fluency with Terraform or OpenTofu
• Strong incident response skills: you’ve been in the hot seat and know how to stay calm and methodical
• Excellent written communication: you can document a runbook, write a post-mortem, and explain a technical risk to a non-technical stakeholder

Nice To Haves

• Experience with CJIS Security Policy or other criminal justice / government data frameworks
• AWS GovCloud experience
• Familiarity with agentic AI workflows or LLM security considerations
• Experience with observability platforms (Datadog, OpenTelemetry, or similar)

Responsibilities

• Design, build, and maintain secure AWS infrastructure across standard and GovCloud environments
• Own infrastructure-as-code (Terraform / OpenTofu) with a security-first mindset
• Manage IAM strategy, least-privilege access controls, and cloud security posture
• Operate and evolve our EKS-based platform including node lifecycle, workload isolation, and cluster security
• Implement and maintain admission control, network policies, and runtime security tooling
• Partner with engineering teams on deployment patterns and container security
• Build and maintain secure, automated deployment pipelines (GitHub Actions)
• Integrate SAST, dependency scanning, secrets detection, and container image scanning into the SDLC
• Drive shift-left security practices across the engineering organization
• Maintain and improve security controls aligned to CJIS Security Policy and SOC 2 Trust Services Criteria
• Effectively and efficiently triage or resolve security alerts by working with engineering teams and/or committing code yourself
• Manage vulnerability management workflows, prioritization, and remediation tracking
• Support audit preparation, evidence collection, and control documentation
• Monitor for threats and respond to security findings across cloud, application, and endpoint layers
• Enforce and maintain software supply chain security across the organization
• Serve as an on-call responder for infrastructure and security incidents
• Drive post-incident reviews and own follow-up remediation items
• Develop and refine runbooks, alerting, and on-call procedures
• Identify and implement automation opportunities that reduce manual operational toil
• Contribute to AI-assisted operations initiatives, including agentic workflows and observability improvements
• Apply security controls to AI tooling and LLM-integrated systems as they are introduced

Benefits

• Competitive salary and benefits package
• Unlimited Paid Time Off
• Ability to work in a fully remote environment (must be based in the U.S. and willing to work in Central Time Zone)
• Summer Half-Day Fridays
• Freed Up Fridays during Spring, Fall, and Winter months to promote productivity and dedicated heads-down work time
• Medical, dental, and vision plan offerings
• 401(k)
• Employer-paid Short-Term Disability, Long-Term Disability, and Life Insurance
• Other Voluntary Benefits include additional Life Insurance, Spouse Life Insurance, and Accident Insurance
• The satisfaction that comes with being part of a solution that has real impact in the world
• A diverse workforce and inclusive environment that embraces unique contributions and experiences
• An empowered culture that encourages creativity and professional growth