Staff DevSecOps

We’re looking for a Staff Security Engineer - DevSecOps to help us scale platform security — without slowing anyone down. You’ll focus on making AppSec and CloudSec part of how we build - not something bolted on later. This is a hands-on, high-impact role where you’ll design and embed secure-by-default practices across the SDLC and our cloud-native infrastructure, while working closely with Detection Engineering, Red Team, and platform teams.You’ll be a technical reference for secure architecture, lead and support vulnerability remediation, and drive initiatives that reduce our attack surface without blocking innovation. This is not a compliance role — it’s a core engineering function embedded in our platform strategy.

Key Responsibilities

• Design and maintain secure-by-default pipelines, IaC modules, and developer guardrails


• Lead architectural reviews and threat modeling for platform-critical services


• Identify and drive remediation of vulnerabilities across code, CI/CD, and cloud


• Own security posture for core cloud infrastructure (CSPM, least privilege, K8s runtime protection)


• Collaborate with Detection Engineering on threat-informed defense (e.g. logging, alerting, detections)


• Act as AppSec and CloudSec technical lead on cross-functional engineering projects


• Contribute to tooling strategy for SAST, secrets management, IaC scanning, and CSPM


• Partner with engineering and DevOps to evolve secure paved roads and templates


• Guide internal security champions and mentor other engineers across the org


• Support post-incident forensics and validate fixes through regression testing