DevSecOps Engineer

Job Title: DevSecOps Engineer
Location: Remote
Salary Range: $30000 $70000/year (depending on location) equity

About Us: We are a fastgrowing startup with a mission to provide a simple minimalist SaaS solution for freelancers solopreneurs and small businesses to optimize their sales and marketing processes. Our product is built on a modern stack and we aim to maintain the highest levels of security compliance and operational excellence as we scale. Were looking for a DevSecOps Engineer who will manage our production infrastructure development environments and lead our security/compliance efforts in a growing agile environment.

The Role: As our DevSecOps Engineer youll be responsible for maintaining a secure scalable and reliable infrastructure across our cloudbased platform. This role involves building and optimizing our CI/CD pipelines securing our cloud infrastructure and ensuring compliance with industry standards. Youll work closely with developers product managers and leadership to ensure that security is a core part of our development and operational processes.

Responsibilities:

Infrastructure Management:

• Design implement and manage highly scalable cloud infrastructure (AWS preferred) to support our SaaS platform.

• Manage the production environment ensuring high availability security and scalability of our services.

• Implement infrastructure as code (IaC) practices using tools like Terraform CloudFormation or similar.

• Continuously monitor system performance troubleshoot issues and implement improvements for scalability and efficiency.

DevOps:

• Build maintain and optimize CI/CD pipelines for automated testing integration and deployment of applications.

• Collaborate with development teams to ensure smooth integration of code and deployment processes.

• Automate repetitive tasks and streamline operations to improve developer productivity and system reliability.

Security and Compliance:

• Establish and enforce security best practices including patch management monitoring and incident response protocols.

• Implement and maintain security controls including firewalls encryption and network security monitoring.

• Conduct regular security audits vulnerability assessments and penetration tests to identify and mitigate risks.

• Ensure compliance with relevant security standards (e.g. GDPR ISO 27001) and support audits when required.

• Educate the team on security practices and ensure secure coding standards are followed across the development process.

Required Qualifications:

• 4 years of experience in a DevOps or DevSecOps role with handson experience managing cloud infrastructure (preferably AWS).

• Strong knowledge of cloud security principles and best practices including IAM security groups VPCs and encryption techniques.

• Experience with infrastructure as code (IaC) tools such as Terraform CloudFormation or Ansible.

• Proficiency with CI/CD tools such as Jenkins GitLab CI or CircleCI and experience building automated pipelines.

• Indepth knowledge of containerization technologies like Docker and orchestration tools such as Kubernetes.

• Strong scripting skills (e.g. Bash Python) for automation and infrastructure management.

• Familiarity with logging and monitoring tools (e.g. ELK Stack Prometheus Grafana) for performance and security monitoring.

• Experience with security frameworks (e.g. OWASP NIST) and tools for vulnerability scanning and remediation.

• Strong understanding of compliance regulations (e.g. GDPR SOC 2) and the ability to implement controls to maintain compliance.

NicetoHaves:

• Experience with serverless architectures and microservices deployment strategies.

• Knowledge of database security best practices especially for PostgreSQL and other relational databases.

• Familiarity with Zero Trust security models and modern identity management solutions.

• Previous experience working in a startup or small team environment.

Soft Skills:

• Strong collaboration skills: able to work closely with development product and business teams.

• Excellent problemsolving skills with the ability to troubleshoot and resolve complex infrastructure and security issues.

• A proactive mindset: always thinking ahead to anticipate potential issues and address them before they become problems.

• Strong communication skills with the ability to explain complex security and infrastructure concepts to nontechnical team members.

• Detailoriented and a strong sense of ownership and accountability for maintaining a secure and reliable system.

Why Join Us

• Join a fastpaced startup where youll have the autonomy to take ownership of the infrastructure and security strategy.

• Be part of a culture that prioritizes security and operational excellence ensuring you have the resources and support to do your best work.

• Work in a remotefriendly environment with a small collaborative team focused on continuous improvement.

• Opportunity to influence the technical direction and shape the security/compliance posture of the company as it grows.

Remote Work :

No