Responsibilities
- Design, build, and maintain secure, scalable, and highly available infrastructure in a multi-cloud setup, primarily on AWS, using Infrastructure as Code tools such as Terraform, Kubernetes, and Helm.
- Develop and automate systems for threat detection, incident response, and vulnerability management to enable rapid, machine-speed reactions to security events.
- Architect and strengthen CI/CD pipelines by integrating automated security testing tools like SAST, DAST, and SCA to deliver timely feedback to development teams.
- Operate and secure container orchestration platforms, especially Kubernetes, applying security best practices from registry through runtime, including adherence to hardening standards like CIS Benchmarks or DISA STIG.
- Serve as technical lead during security and reliability incidents, guiding resolution efforts and leading post-incident reviews to implement preventative improvements.
- Implement and maintain automated compliance controls to continuously meet requirements of standards such as FedRAMP, SOC 2, and ISO 27001.
- Act as a security and reliability subject matter expert, mentoring engineers and promoting a culture of ownership and operational excellence across teams.
Requirements
- Minimum of 8 years of progressive technology experience, including at least 5 years in a senior hands-on role in DevOps, Site Reliability Engineering, or Security Engineering.
- Bachelor's or Master's degree in Computer Science, Engineering, or a related field, or equivalent professional experience.
- Deep expertise in a major cloud platform, preferably AWS, with strong knowledge of core infrastructure and security services.
- Advanced proficiency in Infrastructure as Code, with a focus on Terraform.
- Strong programming or scripting skills in languages such as Python, Go, or Ruby, with a track record of developing automation and custom tools.
- Extensive experience with containerization and orchestration technologies, particularly Kubernetes, and securing container environments.
- Familiarity with security operations tools including SIEM, EDR, and vulnerability scanners.
- Proven experience integrating security tools like SAST, DAST, and SCA into CI/CD workflows.
- Demonstrated ability to analyze and resolve complex technical issues in high-pressure production environments.
- Strong communication skills, both written and verbal, with fluency in English and a collaborative mindset.
Nice to Have
- Industry-recognized certifications such as CISSP, CISM, OSCP, or cloud-specific security credentials.
- Experience working with compliance frameworks including FedRAMP, ISO 27001, and SOC 2.
Work Arrangement
Hybrid
Required
- 8+ years of progressive experience in technology, with at least 5 years in a hands-on senior role such as Site Reliability Engineering, DevOps, or Security Engineering.
- A BS or MS in Computer Science, Engineering, or a related field, or equivalent industry experience.
- Expert-level proficiency in at least one major cloud provider, preferably AWS, with deep knowledge of core infrastructure and security services.
- Expert-level proficiency with Infrastructure as Code, particularly Terraform.
- Expert-level proficiency in a scripting or programming language such as Python, Go, or Ruby, with a proven history of building automation and custom tooling.
- Deep experience with containerization and orchestration technologies (Kubernetes), including securing containerized environments.
- Proficiency with the modern security operations toolchain, including SIEM, EDR, and vulnerability scanning technologies.
- Experience integrating security tools (SAST, DAST, SCA) into CI/CD pipelines.
- A critical thinker with a proven ability to troubleshoot complex problems in high-pressure production environments.
- Excellent verbal and written communication skills and a collaborative spirit. This will include fluency in English.
Preferred
- Advanced industry certifications such as CISSP, CISM, OSCP, or cloud-specific security certifications.
- Experience with compliance frameworks like FedRAMP, ISO27001, SOC2.