We are seeking a highly skilled and passionate DevSecOps Engineer to join our dynamic, remote-first team. Based out of Boston, MA, this role is critical in embedding security throughout our entire software development lifecycle and cloud infrastructure. As a DevSecOps Engineer, you will be instrumental in building and maintaining secure, scalable, and reliable systems, ensuring that security is an inherent part of our platform engineering efforts rather than an afterthought. You will leverage modern tools and practices to automate security controls, enhance observability, and empower developers to build secure applications from inception.
You will play a pivotal role in designing, implementing, and managing our secure cloud environments, integrating security automation into our CI/CD pipelines, and driving a culture of security awareness across engineering teams. If you thrive in an environment where you can innovate, solve complex security challenges, and contribute to cutting-edge platform development, this opportunity is for you.
Key Responsibilities:
- Design, implement, and maintain robust security controls and best practices across our multi-cloud infrastructure (AWS, Azure, GCP) using Infrastructure as Code (IaC) tools like Terraform, Pulumi, and Crossplane.
- Automate security scanning (SAST, DAST, SCA, container scanning) within CI/CD pipelines (e.g., GitLab CI/CD, GitHub Actions) and integrate findings into developer workflows.
- Develop and integrate security features into our internal developer platform, potentially leveraging Backstage to provide a seamless and secure experience for engineers.
- Manage and enhance Kubernetes cluster security, including network policies, admission controllers, service mesh security (e.g., Istio), and secret management.
- Participate in security incident response, post-mortem analysis, and continuous improvement of security posture and resilience.
- Implement and monitor security telemetry, logging, and alerting using tools like Prometheus, Grafana, ELK Stack, and SIEM solutions.
- Collaborate with development, operations, and compliance teams to ensure adherence to security policies, industry standards, and regulatory requirements (e.g., SOC 2, ISO 27001).
Required Skills & Tools:
- Proven experience as a DevSecOps Engineer, Cloud Security Engineer, or similar role.
- Strong understanding of DevSecOps principles and practices, including 'shift-left' security.
- Expertise with cloud platforms such as AWS, Azure, or GCP, including security services (e.g., IAM, Security Groups, WAF, KMS).
- Proficiency in Infrastructure as Code (IaC) using Terraform, Pulumi, or Crossplane.
- Hands-on experience with containerization technologies (Docker) and orchestration (Kubernetes).
- Experience with CI/CD pipeline security and automation tools (e.g., GitLab CI/CD, GitHub Actions, Jenkins).
- Familiarity with security scanning tools (e.g., SonarQube, Snyk, Aqua Security, Qualys).
- Scripting and programming skills in languages like Python, Go, or Bash.
- Knowledge of network security, system hardening, and vulnerability management.
Nice-to-Have:
- Experience with developer portals and platforms, especially Backstage.
- Familiarity with compliance frameworks like SOC 2, HIPAA, or ISO 27001.
- Exposure to eBPF for security observability or advanced threat detection.
- Certifications such as AWS Certified Security – Specialty, CCSK, or CISSP.
- Experience with service mesh technologies (e.g., Istio, Linkerd).
What We Offer:
We believe in fostering an environment where innovation thrives and continuous learning is encouraged. You'll receive a competitive annual salary between USD 130,000 – 165,000, comprehensive health, dental, and vision insurance, and generous paid time off. As a remote-first company, we offer flexibility and support for a healthy work-life balance, along with opportunities for professional development and career growth. Join a team of passionate engineers dedicated to building secure and impactful solutions!
