Senior DevSecOps Engineer

We are seeking a Senior DevSecOps Engineer to join our Engineering team. This role is critical to securing, hardening, and scaling the infrastructure that powers our platform across cloud-hosted production environments.

This engineer will work closely with platform, infrastructure, and security stakeholders to improve the security and operational maturity of our AWS and Kubernetes environments, support compliance and audit readiness, and help ensure our systems are reliable, secure, and maintainable as we grow. This role will also support environments serving regulated and security-sensitive customer needs, including an environment we host for a Government organization.

The ideal candidate combines strong hands-on infrastructure expertise with sound security judgment and a practical, execution-focused mindset. They should be comfortable working across cloud infrastructure, Kubernetes, operating systems, compliance controls, and production operations.

Core Responsibilities

Responsibilities include collaborating with the platform and engineering teams to secure and improve production infrastructure, harden cloud and host configurations, and build repeatable operational practices across environments. Key responsibilities include:

• Design, implement, and maintain secure, scalable infrastructure in AWS

• Manage, secure, and improve Kubernetes-based environments, including production workloads

• Build and maintain infrastructure as code using Terraform

• Harden production systems across cloud, compute, container, identity, and network layers

• Develop and maintain secure baseline configurations for infrastructure and platform services

• Support vulnerability management, patching, remediation, and configuration compliance efforts across environments

• Configure, administer, and patch both Linux and Windows VMs

• Support identity and access management practices, including least privilege, role design, and privileged access controls

• Contribute to administration and integration of Active Directory domains where needed

• Partner with engineering teams to improve security within CI/CD pipelines, deployment workflows, and operational processes

• Support compliance initiatives, audits, evidence collection, and technical control validation

• Develop and maintain documentation, operational runbooks, technical standards, and playbooks

• Monitor, troubleshoot, and resolve complex infrastructure and security issues with clear and timely communication

• Participate in incident response and post-incident analysis when infrastructure or platform issues arise

• Stay current on cloud, infrastructure, and security best practices that can improve platform resilience and delivery

Required Qualifications

• Minimum of 5 years of experience in DevOps, DevSecOps, Infrastructure Engineering, Platform Engineering, or Security Engineering

• Strong hands-on experience with AWS in production environments

• Proven experience with Kubernetes, preferably in production

• Strong experience with Terraform and infrastructure-as-code practices

• Experience hardening production environments and implementing secure configuration standards

• Experience supporting compliance frameworks, audit preparation, evidence gathering, and control validation

• Experience with vulnerability remediation, system patching, and operational security practices

• Experience configuring and maintaining both Linux and Windows virtual machines

• Strong understanding of IAM, secrets management, network security, logging, monitoring, and operational controls

• Proven experience improving or securing CI/CD pipelines and deployment workflows

• Excellent troubleshooting and problem-solving skills in complex production environments

• Strong communication skills with the ability to explain technical concepts to both technical and non-technical stakeholders

• Must live/work in the U.S.

Preferred Qualifications

Experience supporting environments with regulated, compliance-driven, or security-sensitive requirements

Familiarity with compliance or security frameworks such as SOC 2, NIST, ISO 27001, CMMC, or similar

Experience with EKS or other managed Kubernetes platforms

Experience configuring or supporting Active Directory Domain Services, Group Policy, or hybrid identity environments

Experience with automation and configuration management tools such as Ansible, PowerShell, or similar

Experience with PostgreSQL, cloud storage platforms, and production networking patterns

Scripting experience in Python, Bash, or PowerShell

Experience with security tooling related to container security, vulnerability management, or policy enforcement

Experience supporting customer-facing or mission-critical production infrastructure

Security+ Certification

Top Secret Security Clearance