Senior DevSecOps Engineer

Every nation has data. Few can protect it. Fewer still can act on it.

Dream is the sovereign AI and national cyber-defense company for governments.

We help nations secure their most critical systems, connect fragmented information at a national scale, and turn their most sensitive data into decisions, all fully sovereign.

This is more than a job. It's a Dream job, where you'll work at a global scale alongside some of the best AI researchers, cyber operators, and government experts in the world.

We defend nations against the most advanced threats in the world with a national security suite that offers AI-native resilience against APTs with visibility, insights and mediation across Posture, CTI, and Detection & Response, all fully sovereign.

We are looking for an experienced DevSecOps Engineer to join our DevOps core platform team and help strengthen the security of our cloud-native infrastructure and development pipelines.

You will work closely with our CISO, DevOps team, and developers to integrate security practices across the entire software development lifecycle (SDLC), helping ensure a secure, scalable, and resilient platform across cloud and on-prem environments.

• Integrate security practices into CI/CD pipelines and across the SDLC
• Design and implement automated security solutions (vulnerability scanning, compliance checks, threat detection)
• Build and maintain Infrastructure as Code (IaC) for secure, scalable cloud environments (Terraform, Ansible)
• Automate security controls and operational processes across cloud and Kubernetes environments
• Design, implement, and optimize CI/CD pipelines with a focus on security, reliability, and performance
• Secure cloud and on-prem environments (IAM, network controls, encryption best practices)
• Manage and harden Kubernetes workloads, including configuration, access control, and image security
• Collaborate with DevOps, developers, and security teams to improve system reliability and overall security posture
• Conduct security assessments, penetration testing, and compliance audits
• Monitor threats, respond to incidents, and improve incident response processes
• Promote DevSecOps culture by guiding teams on secure coding, infrastructure, and deployment practices
• Enhance observability by integrating monitoring, logging, and SIEM solutions

• 5-8 years of experience in DevOps/Security, focusing on secure infrastructure and application security.
• Expertise in cloud security (AWS, GCP, Azure) and Infrastructure as Code (IaC) tools like Terraform and Ansible.
• Experience integrating security into CI/CD pipelines using tools like Jenkins, GitHub Actions, and ArgoCD.
• Knowledge of container security, Kubernetes best practices, and image scanning.
• Proficient with security practices (SAST, DAST, SCA, secret scanning) and compliance frameworks (e.g., CIS, NIST, ISO 27001, SOC2).
• Strong scripting skills (Python, Bash) for automating security tasks.
• Experience with zero-trust models, IAM, and secrets management.
• Familiar with AWS security tools (GuardDuty, Inspector, Shield, CloudTrail) and monitoring/alerting solutions (Grafana, Prometheus, SIEM).
• Strong troubleshooting skills in network security, encryption, and secure authentication.
• Excellent communication and collaboration skills.

Advantages:

• Experience securing endpoint products (agents, sensors, collectors).
• Background in AI security (securing ML models, training pipelines, inference serving).
• Hands-on experience with policy as code tools such as OPA (Open Policy Agent) or Kyverno.
• Familiarity with compliance frameworks like ISO 27001, SOC 2, HIPAA, PCI-DSS, or FedRAMP.

Tech Stack:

• Cloud & Orchestration: AWS, Kubernetes, EKS, ECS
• CI/CD & IaC: Jenkins, GitHub Actions, Terraform, Ansible, ArgoCD
• Programming & Scripting: Python, Bash, Go
• Monitoring & Logging: Prometheus, Grafana, Loki
• Databases & Messaging: MongoDB, RabbitMQ, Postgres, Neo4J, etc

If you think this role doesn't fully match your skills but are eager to grow and break glass ceilings, we’d love to hear from you!