DevJobs

DevSecOps Engineer

Skills
  • Python
  • SonarQube
  • GitHub Actions
  • AWS
  • Docker
  • Kubernetes
  • Terraform
  • DAST
  • SAST
  • SCA
  • Snyk
  • Trivy

We are looking for a security-driven DevSecOps Engineer to join our engineering team.

The ideal candidate has a strong security mindset, the ability to independently research and learn new tools and techniques, and hands-on experience embedding security into software delivery pipelines.


Major Responsibilities

  • Integrate security tools (SAST, DAST, SCA, secret scanning) into CI/CD pipelines
  • Identify, research, and evaluate new security tooling and industry best practices independently
  • Assist in hardening AWS environments (IAM, Security Hub, GuardDuty, CloudTrail)
  • Enforce security policies across the GitHub organization (branch protection, access controls, Actions governance)
  • Write Python scripts to automate security scanning, reporting, and remediation
  • Participate in security reviews for infrastructure and application changes
  • Collaborate with AppSec and platform engineering teams on vulnerability management
  • Maintain runbooks and documentation for the security toolchain


Desired Background & Experience

  • 1–2 years of experience in DevSecOps, DevOps, cloud security, or a related role
  • Hands-on familiarity with CI/CD pipelines (GitHub Actions or similar)
  • Basic experience with at least one SAST/DAST/SCA tool (SonarQube, Snyk, Trivy, or similar)
  • Foundational AWS knowledge (IAM, VPC, security services)
  • Python scripting ability
  • Understanding of OWASP Top 10 and core AppSec concepts
  • Strong self-learning ability – capable of independently researching unfamiliar technologies, reading documentation, and applying findings without handholding
  • Curiosity-driven approach to security: follows threat intelligence, reads CVEs, experiments in lab environments


It would be great if you also have:

  • Experience with container security (Docker, Kubernetes)
  • Familiarity with IaC tools (Terraform) and policy-as-code
  • Exposure to compliance frameworks (FedRAMP, SOC 2, ISO 27001)
  • CTF participation or personal security research projects
  • AWS certifications (Cloud Practitioner, Security Specialty, or similar)

Check Point Software Technologies