The Role
About Wyllo
About the Role
You will
You have
Mindset & Approach
Working at Wyllo
Wyllo is a CX-first, end-to-end risk intelligence platform that helps ecommerce merchants manage fraud, policy abuse, and customer experience across the entire commerce lifecycle. By combining identity signals with behavioral intelligence, Wyllo enables merchants to better understand shopper intent and make smarter decisions across checkout, returns, refunds, and customer support. Wyllo works with leading ecommerce brands and integrates directly into the platforms where merchants manage orders and customer interactions. Learn more at www.wyllo.ai
About the Role
As a Senior DevSecOps, you'll architect security into every layer of our AWS infrastructure while maintaining the velocity that makes us successful. You'll own our compliance automation strategy for PCI DSS and SOC2, secure our machine learning models from adversarial attacks, and build the security foundation for our next phase of growth.
You will
Security Architecture & Automation (45%)
- Lead design and implementation of enterprise-grade security controls across AWS infrastructure (EC2, ECS, Kubernetes)
- Architect automated security scanning into CI/CD pipelines (Jenkins, GitHub Actions, Harness)
- Design and implement policy-as-code for Terraform infrastructure using Spacelift
- Lead container security strategy including scanning, hardening, and runtime protection (CrowdStrike)
- Mentor team members on security best practices and secure architecture patterns
- Define security roadmap and drive strategic security initiatives
Compliance & Risk Management (25%)
- Lead PCI DSS and SOC2 compliance automation and evidence collection strategy
- Design and maintain continuous compliance monitoring with automated controls
- Conduct comprehensive security assessments and advanced vulnerability management
- Create security documentation, runbooks, and compliance artifacts
- Serve as technical liaison for security audits and assessments
Incident Response & Monitoring (20%)
- Architect and optimize AWS security services (GuardDuty, Security Hub, Inspector)
- Design advanced security monitoring with Datadog SIEM integration
- Lead incident response procedures and conduct post-mortems
- Implement intelligent automated remediation workflows
- Establish security metrics and reporting dashboards
Developer Enablement (10%)
- Build self-service security tools and guardrails for development teams
- Conduct security training and establish security champions program
- Implement frictionless security controls that enable velocity
- Drive security culture across the engineering organization
You have
Technical Skills
- 6+ years securing production AWS environments with deep expertise in IAM, VPC architecture, and AWS security services
- 5+ years mastering Infrastructure as Code with advanced Terraform patterns and security best practices
- Expert-level Python and Bash scripting for complex security automation
- 3+ years hands-on container security (Docker hardening, multi-stage builds, ECS/EKS security)
- Proven experience integrating security into CI/CD pipelines at scale
- Deep knowledge of PCI DSS and SOC2 with hands-on compliance implementation experience
- Experience with security scanning tools (Snyk, Trivy, tfsec, Tenable) and secrets management (Doppler, AWS Secrets Manager)
- Automation-first mentality with demonstrated track record of eliminating toil and manual processes
- Strategic balance between security rigor and business velocity
- Excellent communication skills for working with developers, leadership, auditors, and external stakeholders
- Experience working in high-performance, fast-moving startup environments
Remote Logistics
This is a fully remote role with a team primarily based in EST time zone. We require 8 hours per day of overlap for collaboration.
Compensation
Compensation for this role will be determined based on a variety of factors, including but not limited to geographic location, relevant experience, skill set, and level of the role.
We’re a high-performing team that is passionate about fraud and a community driven by values that shape everything we do. We seek passionate and dedicated individuals who align with our core principles; Integrity, Pride, Humility and Impact.
- Integrity: We do the right thing, even when it’s tough, and even if no one sees it. We always consider the customer’s best interest in every decision we make.
- Pride: We know that the work we do is important, and we take great pride in doing it well. We show up every day with the best intentions, ready to deliver superb outcomes for our team, our customers, and ourselves.
- Humility: We leave our egos at the door, approaching problems as a team, with openness and collaboration. We’re willing to be wrong in order to get things right.
- Impact: We are results-oriented, we take ownership, and we hold ourselves accountable to get things done and deliver results.
If you are excited to collaborate in a fast-paced, purpose-driven environment where your contributions truly matter, we’d love to have you join us!
Equal Employment Opportunity
Wyllo LLC provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics, sexual orientation, political affiliation, military veteran status, domestic violence victim status, or any other protected characteristic under applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Similar Jobs
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
NoFraud and Yofi are now Wyllo. Wyllo is the only CX-first, end-to-end risk intelligence platform that helps ecommerce merchants manage fraud, policy abuse, and customer experience across the entire commerce lifecycle. By combining identity signals with behavioral intelligence, Wyllo enables merchants to better understand shopper intent and make smarter decisions across checkout, returns, refunds, and customer support. Wyllo works with leading ecommerce brands and integrates directly into the platforms where merchants manage orders and customer interactions.
.png){kind=logo}
