Senior DevSecOps Engineer

What You’ll Do

• Detect, protect, and respond (hands‑on)
• Own day‑to‑day security operations for cloud and Kubernetes workloads (threat detection, alert triage, incident response, forensics, and post‑incident learning).
• Build and tune detections and automations (SOAR/runbooks, detection‑as‑code, Sigma/queries) to reduce MTTA/MTTR and eliminate noisy alerts.


• Secure our delivery pipelines & runtime
• Harden CI/CD and software supply chain (secrets, SBOMs, artifact signing, SLSA/Cosign), and drive “secure by default” patterns in build/deploy.
• Lead cloud/K8s/serverless hardening (IaC reviews, policy‑as‑code, admission controls, least privilege, network segmentation)


• Raise the bar across the organization (beyond prod)
• Partner with IT/SRE to evolve identity & access (SSO/MFA/JIT/JEA), endpoint/EDR posture, email & SaaS security, and third‑party/vendor risk.
• Run vuln management end‑to‑end: scanning, prioritization, remediation SLAs, and executive reporting.
• Contribute to security governance (policies, standards, tabletop exercises, BCP/DR inputs) and support compliance efforts (e.g., SOC 2/ISO 27001).


• Influence, automate, and measure
• Build security tooling and integrations (preferably Python or Go) that engineers love to use.
• Define metrics/KPIs (coverage, drift, exposure, response times) and regularly communicate risk & progress to engineering and leadership.
• Mentor engineers on secure design and champion a positive, enablement‑first security culture.

What You’ll Bring

• 5+ years in Security Operations/Cloud Security/Blue Team roles, with deep, hands‑on experience in AWS (IAM/GuardDuty/CloudTrail/CloudWatch) and Kubernetes/containers.
• Strong incident response skills across detection, investigation, containment, and recovery especially in complex cloud-native environments.
• Proficiency building security automations and tools in Python or Go; experience with SOAR and API‑driven workflows.
• Practical expertise with SIEM/log analytics (e.g., ELK/OpenSearch, Splunk), EDR, CSPM/CNAPP, and secrets management (e.g., Vault).
• Solid grasp of CI/CD security, supply‑chain risks (SAST/DAST/IAST, dependency scanning, artifact signing), and IaC (Terraform) security reviews.
• Networking & Linux fundamentals; proven ability to partner with DevOps/SRE/R&D and to communicate risk clearly to non‑security stakeholders.
• Willingness to participate in a shared on‑call rotation for security incidents.