Sr. DevSecOps Software EngineerROLE OVERVIEWWe are seeking a Senior DevSecOps Software Engineer to lead the design and implementation of secure development and deployment practices across our software and systems stack. This is a high-impact, hands-on role where you will own the DevOps space and our stack for managing the CI/CD pipeline and help define DevSecOps strategy working with our VP of Cybersecurity, build secure pipelines, and ensure compliance with defense and commercial security standards-all while enabling rapid innovation.
RESPONSIBILITIES- Architect, build, and maintain secure CI/CD pipelines supporting cloud, on-prem, and embedded systems
- Proactively identify and resolve bottlenecks in CI/CD pipelines to maintain fast, reliable and scalable build and test workflows
- Integrate automated software test into the CI/CD pipeline with metrics to ensure that builds are clearly controlled and tested
- Integrate automated security testing (SAST, DAST, SCA, fuzzing) into development workflows
- Lead "shift-left" security initiatives across the software development lifecycle (SDLC)
- Design and enforce secure software supply chain practices, including artifact signing, SBOM generation, and dependency management
- Develop and manage Infrastructure-as-Code (IaC) with security-first principles (e.g., Terraform, CloudFormation)
- Establish and maintain secure build environments, including support for controlled or air-gapped systems
- Collaborate with software, firmware, and systems engineers to remediate vulnerabilities and improve secure coding practices
- Implement identity and access management (IAM), secrets management, and encryption strategies
- Monitor, detect, and respond to security events across environments
- Support compliance efforts aligned with standards such as NIST 800-171, CMMC, and related frameworks
REQUIRED SKILLS / EXPERIENCE- Bachelor's degree or higher in Computer Science, Engineering, or a related field (or equivalent industry experience)
- 6 or more years of experience in DevOps, DevSecOps, security engineering, or software engineering
- Experience with programming/scripting in environments like Python, Go, Bash, or similar
- Experience building and maintaining CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, etc.)
- Experience with cloud platforms (AWS, Azure, or GCP) and secure cloud architecture
- Proficiency with containerization and orchestration (Docker, Kubernetes)
- Understanding of application and infrastructure security (OWASP Top 10, secure coding practices)
- Experience with security tools such as SAST, DAST, SCA, container scanning
- A working knowledge of Linux, networking, and system security fundamentals
DESIRED SKILLS / EXPERIENCE
(Looking for one or more as a complement to the core skills)- Experience with managing pipeline for embedded firmware, real time software and test software infrastructure in addition to application or cloud software.
- Background in defense, aerospace, or other regulated industries
- Familiarity with compliance frameworks such as NIST 800-171, CMMC, RMF, or FedRAMP
- Experience with secure embedded development or RTOS environments
- Knowledge of Zero Trust architecture and policy-as-code (e.g., Open Policy Agent)
- Experience working with air-gapped or high-security environments
- Relevant certifications (e.g., CISSP, Security+, AWS Security Specialty)
QUALIFICATIONS- Strong ownership mindset and ability to operate in a fast-paced startup environment.
- Pragmatic approach to balancing security, compliance, and development velocity.
- Excellent cross-functional communication skills.
- Systems thinking across software, hardware, and infrastructure layers.
- Continuous learning mindset in a rapidly evolving threat landscape
WHAT SUCCESS LOOKS LIKE- Secure, scalable CI/CD pipelines that enable rapid and compliant software delivery
- Reduced vulnerability exposure and faster remediation cycles
- Strong alignment with defense and commercial security standards
- A culture where security is embedded into engineering from day one
Echodyne's technology is export controlled by the U.S. Government and we must evaluate an applicant's eligibility to handle export-controlled information or obtain required Government authorizations. Therefore, we will ask you as part of the application process to identify whether you are a U.S. Citizen or green card holder, or have asylum/refugee status in the U.S. WHAT WE OFFERThis is an exempt role.The expected annual salary range for this role is
$124,733-$187,048 USD
If your skills generally align but not perfectly, please apply anyway. There may be another role that's a great fit for you!We offer competitive compensation and benefits to our full-time, US-based employees, including:- RSU (Restricted Stock Units)
- Generous Benefits:
- Fully-paid medical, dental, and vision insurance premiums for you
- Choice of PPO or HDHP/HSA
- Virtual Care - 98Point6
- Employee Assistance Program
- Mental Health coverage through Springhealth & Talkspace (Premera)
- Travel Assistance Insurance
- Company Paid Life Insurance
- Company Paid Short & Long Term Disability
- Flexible PTO (exempt) / 15 days per year (non-exempt)
- 401(k) match
- Pet Insurance
- Prepaid Legal Program
- Commuter Benefits
- Paid Company Holidays
