Senior / Staff DevSecOps Engineer

📋 Description

• Own runtime security and vulnerability management across cloud and containers.
• Design and enforce IAM across AWS and internal systems.
• Own secrets management: policies, tooling, rotation, and workflows.
• Lead security incident response: detection, containment, remediation.
• Harden CI/CD pipelines and embed security into the software lifecycle.
• Build secure-by-default templates and tooling to reduce friction.

🎯 Requirements

• 8+ years in DevSecOps, platform security, or related.
• Deep hands-on AWS experience: IAM, SCPs, Organizations, GuardDuty, Security Hub, CloudTrail.
• Terraform IaC with security controls; policy as code tooling (OPA, Checkov, tfsec) or AWS Config Rules.
• Secrets management end-to-end in production.
• Design and harden CI/CD pipelines GitHub Actions.
• Container security: image scanning and runtime controls.
• Compliance program experience; CMMC Level 2 or NIST SP 800-171 preferred.
• Incident response on call, post mortem, remediation.

🎁 Benefits

• Equal opportunity employer; all qualified applicants considered.
• Reasonable accommodations available during the hiring process.