Senior DevOps Engineer

Position Overview

We are seeking a seasoned Senior DevOps Engineer to own and drive every aspect of our security posture—both at the application code level and across our AWS-based infrastructure. This role involves building and maintaining our platform’s infrastructure, ensuring high availability, performance and compliance. As a key player in our team, you will collaborate closely with developers and be proactive in planning, executing and continuously improving our security practices.

We need someone who is 100% part of the team and not under a contractor’s mindset. This crucial role requires frequent synchronous collaboration with other leads and management; we can’t tackle our challenges “mostly async.”

Key Responsibilities

• Security Patch Management: Lead patching of application dependencies and infrastructure components (OS, containers, networking, IAM).
• Infrastructure Design & Maintenance: Build, configure and maintain secure AWS architectures (VPCs, compute, storage, networking) following CIS and AWS best practices.
• Secrets Management: Ensure all company secrets—environment variables, database credentials, API keys—are stored and rotated securely via AWS Secrets Manager, encrypted Parameter Store or Vault.
• Vulnerability Identification & Remediation: Perform threat modeling, SAST code reviews, infrastructure scanning (AWS Inspector, Nessus) and penetration tests; drive fixes through CI/CD.
• Automation & Self-Healing: Embed security gates and automated remediation in our CI/CD pipelines and IaC (Terraform/CloudFormation), reducing manual intervention.
• Continuous Improvement: Propose, implement and champion security best practices across code and infrastructure to raise our overall security maturity.
• Incident Response & Post-Mortem: Own triage, root-cause analysis and corrective actions for security incidents; lead post-mortem reviews and apply lessons learned.
• Collaboration & Communication: Participate in daily stand-ups, design reviews and sprint planning; coordinate closely with DevOps, development leads and management.
• Team Leadership: Mentor junior engineers and help grow the DevSecOps practice as the organization scales.

Essential Qualifications

• Extensive hands-on experience with cloud platforms (AWS strongly preferred, GCP/Azure a plus) and secure cloud architecture.
• Deep knowledge of Linux administration (bash scripting, system hardening) and network security.
• Proven track record automating infrastructure and security workflows via Terraform, CloudFormation or similar.
• Expertise with secrets management solutions (AWS Secrets Manager, HashiCorp Vault, encrypted Parameter Store).
• Familiarity with SAST/DAST tooling and infrastructure scanners (e.g. AWS Inspector, Nessus).
• Strong understanding of OWASP Top 10, CIS benchmarks, and security compliance frameworks (SOC 2, ISO 27001).
• Excellent problem-solving skills, ability to work under pressure and clear communication.

Desirable Traits

• Prior experience leading DevSecOps or security engineering teams in an agile environment.
• Practical knowledge of Node.js, JavaScript or TypeScript and server-side frameworks (e.g. NestJS).
• Hands-on experience with relational databases (PostgreSQL, MySQL) and data-at-rest encryption.
• Familiarity with logging, monitoring and alerting platforms (CloudWatch, ELK, Prometheus/Grafana).
• Security certifications (CISSP, AWS Certified Security – Specialty, CISM) a plus.