Ethos is hiring a DevSecOps Engineer - DroneSense

DriveWhip is hiring a DevSecOps Engineer to join our DroneSense team. You will work alongside DevOps and engineering teams to ensure platforms, repositories, and CI/CD pipelines are secure by default while remaining easy to build, test, and deploy against. Your primary mission will be to own and continuously improve our security posture across multiple AWS environments.

What You'll Do

• Work with DevOps and engineering teams to ensure platforms, repositories, and CI/CD pipelines are secure by default.
• Identify security risks through tools, audits, and monitoring, and drive them to resolution.
• Take ownership of the security posture across multiple AWS accounts and continuously improve it over time.
• Design and maintain security guardrails around IAM, logging, monitoring, and encryption.
• Manage repository-level security scanning (SAST, dependency scanning, secrets detection) using tools such as Aikido and ensure findings are actionable.
• Partner with DevOps teams to secure Kubernetes clusters, with a strong focus on Rancher.
• Improve security visibility through monitoring, logging, and reporting.
• Automate security controls and validations using Infrastructure as Code and scripting.
• Help document security standards, patterns, and operational runbooks.

What We're Looking For

• 5+ years of experience in DevOps, DevSecOps, or Cloud Security roles.
• Strong hands-on experience securing AWS in production environments.
• Experience working with multi-account AWS setups.
• Experience with repository security scanning (SAST, dependency scanning, secrets detection).
• Experience supporting security and compliance initiatives (e.g., SOC 2, TX-RAMP, or similar).
• Solid understanding of IAM, network security, and secrets management.
• 3+ years of experience working with and securing Kubernetes clusters.
• Experience using Rancher for Kubernetes cluster management.
• Hands-on experience securing CI/CD pipelines (GitLab CI, GitHub Actions, etc.).
• Experience using Infrastructure as Code tools such as Terraform, OpenTofu, or CloudFormation.
• Experience partnering with security teams or risk stakeholders.
• Must be a full time US citizen or naturalized citizen from a NATO country, current resident in one of the 50 contiguous United States.
• A valid LinkedIn profile with photo MUST be included to be considered.

Nice to Have

• Experience with SOC 2, ISO 27001, NIST 800-53, CJIS.
• Experience with FedRAMP, TxRAMP or similar.
• Background in software development.

Technical Stack

• AWS
• Kubernetes, Rancher
• GitLab CI, GitHub Actions
• Terraform, OpenTofu, CloudFormation
• Aikido

Work Mode

This role is a remote position open to candidates residing in one of the 50 contiguous United States.

DriveWhip is an equal opportunity employer committed to equity, diversity, inclusion, and a barrier-free workplace.