Staff DevSecOps Engineer
New
Must be based in the USFull-TimeStaff
Salary$190,000 - $199,000 a year
Apply NowOpens the employer's application page
Job Details
- Experience
- 8+ years in cloud-native infrastructure or platform engineering roles
- Required Skills
- AWSPythonKubernetesTypeScriptGoCI/CDTerraform
Requirements
- 8+ years in cloud-native infrastructure or platform engineering roles, with demonstrable progression in technical scope and leadership
- Hands-on expertise with AWS and Kubernetes (EKS) in production environments
- Security depth in supply chain risk, IAM/zero-trust patterns, secrets management, and platform-level vulnerability management
- Experience translating compliance frameworks (HITRUST, SOC 2, or equivalent) into concrete engineering controls
- Fluency in infrastructure-as-code (Terraform/HCL)
- Proficiency in at least one scripting language (Python, Go, or Node.js/TypeScript)
- Experience with modern CI/CD systems, pipeline integrity, artifact signing, and registry controls
- Strong written communication and track record of driving technical decisions in async, remote environments
Responsibilities
- Champion a security-first mindset within Engineering to help set the security posture of our platform infrastructure — supply chain hardening, secrets management, IAM/IRSA, container image integrity, and vulnerability remediation across our AWS/EKS environment
- Design and build automation that makes compliance evidence continuous, not manual — translating HITRUST controls into passing tests and structured outputs that flow into our compliance tooling (Vanta)
- Embed security into the platform by default: make the secure path the easy path for application engineers, through guardrails, policy-as-code, and well-documented patterns
- Partner with our Security team to translate threat assessments and control gaps into engineering proposals with clear scope, tradeoffs, and recommended paths forward
- Lead platform security initiatives from design to operationalization — requirements, technical design, code and code review, deployment, and documentation
- Contribute hands-on to the broader platform: CI/CD pipelines, container orchestration, observability, and developer tooling
- Participate in on-call rotation and own the systems you build, including production incidents
- Mentor engineers on security practices and raise the security baseline across the team
View Full Description & ApplyYou'll be redirected to the employer's site
