Job Openings DevSecOps Engineer (remote globally)

About the job DevSecOps Engineer (remote globally)

Job Title: DevSecOps Engineer
Location: Remote
Salary Range: $30,000 - $70,000/year (depending on location) + equity

About Us: We are a fast-growing startup with a mission to provide a simple, minimalist SaaS solution for freelancers, solopreneurs, and small businesses to optimize their sales and marketing processes. Our product is built on a modern stack, and we aim to maintain the highest levels of security, compliance, and operational excellence as we scale. We’re looking for a DevSecOps Engineer who will manage our production infrastructure, development environments, and lead our security/compliance efforts in a growing, agile environment.

The Role: As our DevSecOps Engineer, you’ll be responsible for maintaining a secure, scalable, and reliable infrastructure across our cloud-based platform. This role involves building and optimizing our CI/CD pipelines, securing our cloud infrastructure, and ensuring compliance with industry standards. You’ll work closely with developers, product managers, and leadership to ensure that security is a core part of our development and operational processes.

Responsibilities:

Infrastructure Management:

  • Design, implement, and manage highly scalable cloud infrastructure (AWS preferred) to support our SaaS platform.

  • Manage the production environment, ensuring high availability, security, and scalability of our services.

  • Implement infrastructure as code (IaC) practices using tools like Terraform, CloudFormation, or similar.

  • Continuously monitor system performance, troubleshoot issues, and implement improvements for scalability and efficiency.

DevOps:

  • Build, maintain, and optimize CI/CD pipelines for automated testing, integration, and deployment of applications.

  • Collaborate with development teams to ensure smooth integration of code and deployment processes.

  • Automate repetitive tasks and streamline operations to improve developer productivity and system reliability.

Security and Compliance:

  • Establish and enforce security best practices, including patch management, monitoring, and incident response protocols.

  • Implement and maintain security controls, including firewalls, encryption, and network security monitoring.

  • Conduct regular security audits, vulnerability assessments, and penetration tests to identify and mitigate risks.

  • Ensure compliance with relevant security standards (e.g., GDPR, ISO 27001) and support audits when required.

  • Educate the team on security practices and ensure secure coding standards are followed across the development process.

Required Qualifications:

  • 4+ years of experience in a DevOps or DevSecOps role, with hands-on experience managing cloud infrastructure (preferably AWS).

  • Strong knowledge of cloud security principles and best practices, including IAM, security groups, VPCs, and encryption techniques.

  • Experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible.

  • Proficiency with CI/CD tools such as Jenkins, GitLab CI, or CircleCI, and experience building automated pipelines.

  • In-depth knowledge of containerization technologies like Docker and orchestration tools such as Kubernetes.

  • Strong scripting skills (e.g., Bash, Python) for automation and infrastructure management.

  • Familiarity with logging and monitoring tools (e.g., ELK Stack, Prometheus, Grafana) for performance and security monitoring.

  • Experience with security frameworks (e.g., OWASP, NIST) and tools for vulnerability scanning and remediation.

  • Strong understanding of compliance regulations (e.g., GDPR, SOC 2) and the ability to implement controls to maintain compliance.

Nice-to-Haves:

  • Experience with serverless architectures and microservices deployment strategies.

  • Knowledge of database security best practices, especially for PostgreSQL and other relational databases.

  • Familiarity with Zero Trust security models and modern identity management solutions.

  • Previous experience working in a startup or small team environment.

Soft Skills:

  • Strong collaboration skills: able to work closely with development, product, and business teams.

  • Excellent problem-solving skills, with the ability to troubleshoot and resolve complex infrastructure and security issues.

  • A proactive mindset: always thinking ahead to anticipate potential issues and address them before they become problems.

  • Strong communication skills, with the ability to explain complex security and infrastructure concepts to non-technical team members.

  • Detail-oriented and a strong sense of ownership and accountability for maintaining a secure and reliable system.

Why Join Us?

  • Join a fast-paced startup where you’ll have the autonomy to take ownership of the infrastructure and security strategy.

  • Be part of a culture that prioritizes security and operational excellence, ensuring you have the resources and support to do your best work.

  • Work in a remote-friendly environment with a small, collaborative team focused on continuous improvement.

  • Opportunity to influence the technical direction and shape the security/compliance posture of the company as it grows.