OverviewWe're looking for a Senior DevSecOps Engineer to work closely with our Lead DevSecOps Engineer to improve the security, reliability, infrastructure, deployment, and operational maturity of our platform. This is a hands-on individual contributor role for someone who enjoys building, automating, securing, and improving production systems - not managing a team.
You'll strengthen our CI/CD workflows, AWS infrastructure, observability, SOC 2 readiness, business continuity, disaster recovery, and 24/7 on-call operations. The ideal candidate is experienced, practical, and collaborative - comfortable owning technical workstreams and helping engineering teams ship safely and efficiently.
What You'll DoInfrastructure & Cloud Engineering- Design, build, and improve secure, scalable AWS infrastructure using infrastructure-as-code (Terraform, Pulumi-Python).
- Improve cloud networking, IAM, secrets management, environment isolation, and secure configuration.
- Standardize provisioning, access control, auditability, and change management.
- Troubleshoot infrastructure issues and drive long-term fixes that reduce operational toil.
CI/CD & Developer Experience- Build, maintain, and improve secure CI/CD pipelines for application, infrastructure, and platform deployments.
- Support container-based build and deployment workflows, including rolling updates and rollback strategies.
- Support Environment as a Service for the engineering and QA teams
- Reduce deployment friction while maintaining strong security and compliance controls.
Security, Compliance & SOC 2 Type 2- Embed security controls into infrastructure, CI/CD pipelines, and cloud operations.
- Support SOC 2 Type 2 readiness through control implementation, evidence collection, access reviews, and audit support.
- Manage secrets, IAM, least-privilege access, and vulnerability management across containers, dependencies, and cloud services.
- Ensure sensitive data is protected across logs, pipelines, monitoring systems, backups, and AI-assisted workflows.
- Contribute to secure usage patterns for AI/ML tools and services, including data handling, vendor risk, access controls, and model boundary considerations.
Observability, Reliability & On-Call- Build and improve observability across logs, metrics, dashboards, and alerts; maintain centralized logging pipelines.
- Define and maintain SLOs, SLIs, alerting standards, and escalation paths.
- Participate in a 24/7 production on-call rotation; support incident response, root-cause analysis, and postmortems.
- Create and maintain runbooks, playbooks, and operational documentation.
Business Continuity & Disaster Recovery- Design, document, and improve BC/DR plans; support RTO/RPO planning for critical systems.
- Implement and test backup, restore, replication, failover, and recovery procedures.
- Identify single points of failure and drive remediation across infrastructure, data stores, and operational processes.
What We're Looking ForExperience & Technical Skills- 6+ years in DevOps, DevSecOps, SRE, platform engineering, infrastructure, or security engineering.
- Strong hands-on AWS experience, including IAM, networking, logging, monitoring, and secure access patterns.
- Solid CI/CD pipeline development and release automation experience; container build and deployment workflows.
- Infrastructure-as-code with Terraform and/or Pulumi (Python); strong scripting in Python, Bash, or similar.
- Strong Ubuntu/Linux command-line experience.
- Strong networking fundamentals, including VPCs, DNS, TLS, routing, firewalls/security groups, load balancing, and private connectivity.
- Observability tooling: logs, metrics, dashboards, alerts, and operational visibility.
- Experience with secrets management, IAM, audit logging, vulnerability scanning, and secure configuration.
- Strong hands-on experience with AI tools (e.g. Claude, ChatGPT) and AI-assisted development workflows, including an understanding of related security and data-handling risks.
- Experience participating in 24/7 on-call operations and supporting high-reliability production systems.
Security & Compliance- Hands-on experience supporting SOC 2 Type 2 and/or ISO 27001 frameworks.
- Experience implementing controls for access management, change management, incident response, logging, and data protection.
- Ability to translate compliance requirements into practical, repeatable technical controls.
- Experience in regulated or security-sensitive environments (fintech, healthcare, enterprise SaaS) is a strong plus.
Reliability & Collaboration- Strong understanding of distributed systems, failure modes, and resilience; experience with SLOs/SLIs and incident management.
- Experience with backup, restore, failover, and disaster recovery procedures; familiarity with RTO/RPO planning.
- Strong communication skills; comfortable working closely with a technical lead while independently owning deliverables.
- Able to provide senior-level technical judgment and practical recommendations across DevSecOps, infrastructure, and security decisions.
- Ownership mindset, strong documentation habits, and comfort operating in high-accountability production environments.
Nice to Have- Jenkins, Docker, Kubernetes (including security, admission controls, and network policies).
- AWS ECS Fargate, CloudWatch, ELK stack, Bedrock, Redis, redshift, and AWS Systems Manager (SSM).
- Experience with SOC 2 Type 2 audit support and automated compliance evidence collection.
- Disaster recovery testing, tabletop exercises, and production failover planning.
- Fintech or other regulated industry background.
- Bachelor's degree in Computer Science
What We Offer- Competitive salary + equity.