DevSecOps Engineer
About the job You will secure customer data and the organization's information systems by designing and implementing scalable security controls in Linux and AWS. You will oversee security architecture and contribute to the security program. You will onboard and offboard users, manage MDM, review new technologies through a security lens, shape security best practices, triage vulnerabilities, maintain security documentation and training, automate security processes, participate in on-call rotations, stay current on threats, and ensure the software development lifecycle remains secure. You will also write infrastructure as code using Terraform or Ansible and continue to improve security across the stack. Responsibilities Handle internal security requests and ensure employees have the tools and access they need without over provisioning Ensure access to tools and systems while maintaining least privilege access Onboard and offboard employees across internal systems Oversee the MDM system and stay on top of alerts Review and assess new technologies through a security lens Help shape and refine security best practices across the org Triage and remediate vulnerabilities surfaced by pen testing, static analysis, responsible disclosures, and automated alerts Keep security documentation and training materials fresh and useful Automate security processes and alerts wherever possible Participate in a shared on-call rotation for critical production security issues Stay abreast of the latest security events and trends Participate in regular security training and certification Ensure the software development lifecycle remains secure as it evolves Write infrastructure as code to automate deployment and management using Terraform, Ansible, or similar tools Stay current on emerging threats and industry developments Investigate and resolve infrastructure incidents to keep things running smoothly Requirements Security certifications or equivalent real world experience Think like an attacker and a hacker mindset is genuinely how you approach problems Deep background across multiple facets of security 5+ years implementing security in Linux based infrastructures AWS and code Comfortable with open source tooling cloud environments and multiple operating systems Experience building security solutions that actually scale Hands on with penetration testing threat modeling code analysis system hardening distributed patching vulnerability scanning Familiar with hardening AI tooling to prevent security incidents Strong communicator who can present findings to both technical and non technical audiences Bonus points for experience or genuine interest in cryptocurrency cryptography