Senior DevSec Ops Engineer

Full-Time | Remote | Competitive Compensation

We're hiring a Senior DevSecOps Engineer to own cloud and application security end-to-end. This is a security-heavy role focused on hardening infrastructure, auditing existing systems, proactively identifying vulnerabilities, and continuously improving our security posture to prevent breaches.

Responsibilities

- Audit existing infrastructure and applications for security gaps and misconfigurations

- Continuously assess, remediate, and strengthen security controls

- Architect and secure AWS environments (IAM least-privilege, SCPs, VPC segmentation, KMS encryption) using Terraform, Terragrunt, and CDKTF

- Harden EKS clusters (RBAC, IRSA, Pod Security, network policies)

- Embed security into CI/CD (SAST, SCA, DAST, IaC & container scanning)

- Implement zero-trust and defense-in-depth strategies

- Set up logging, monitoring, and threat detection (GuardDuty, Security Hub)

- Lead vulnerability management and support incident response

Requirements

- 5+ years DevOps/DevSecOps in production AWS environments

- Strong Terraform/Terragrunt/CDKTF

- Deep Kubernetes (EKS) security expertise

- Hands-on experience with tools like Trivy, Snyk, Aikido, Checkov, AWS Inspector

- Strong understanding of threat modeling, cloud security architecture, and compliance (SOC2/ISO27001)

Looking for someone who thinks like an adversary, proactively prevents exploits, and continuously strengthens security, not just someone who maintains infrastructure.