DevSecOps Engineer

Who we are

Typeform is a refreshingly different form builder. We help over 150,000 businesses collect the data they need with forms, surveys, and quizzes that people enjoy. Designed to look striking and feel effortless to fill out, Typeform drives 500 million responses every year—and integrates with essential tools like Slack, Zapier, and Hubspot.

About the Team

The Platform & Security team ensures Typeform engineers can build, deploy, and operate services safely and efficiently.

As we scale into AI-powered products, our engineering velocity has increased significantly. New workloads—such as model-serving, agent-based systems, and real-time data pipelines—introduce security challenges that our current team does not yet have the bandwidth or AI-specific expertise to manage.

You’ll join as a DevSecOps Engineer to embed security into the development lifecycle, enable high-velocity feature delivery, and ensure that new AI capabilities are safe, compliant, and resilient. This role is an opportunity to make a tangible impact on the security posture of Typeform as we scale.

Things you will do:

• Embed security into the SDLC: Partner with engineering and AI teams to ensure features are delivered safely at high velocity.


• Develop security automation: Build and maintain CI/CD security tooling and processes (SAST/DAST, secrets management, artifact scanning).


• Assess and mitigate risks: Conduct vulnerability assessments, threat modeling, and code reviews for platform and AI workloads.


• Advise on architecture: Recommend secure patterns for infrastructure, agent systems, and model-serving pipelines.


• Implement monitoring & incident response: Ensure timely detection and automated response to security alerts.


• Define best practices: Create and maintain standards, policies, and reusable security infrastructure components.


• Collaborate effectively: Influence teams to adopt security practices without slowing development, and act as the internal advocate for security.

What you already bring to the table:

• Several years of experience in DevSecOps, security engineering, or cloud security.


• Strong understanding of distributed systems, cloud-native infrastructure, and CI/CD pipelines.


• Knowledge of threat modeling, vulnerability assessment, and incident response.


• Experience with or strong willingness to learn AI/ML security, model-serving pipelines, or agent-based systems.


• Familiarity with IaC, Kubernetes, and cloud platforms (AWS, GCP, Azure).


• Excellent collaboration and communication skills to explain complex security concepts to non-security teams.

Extra awesome:

• Hands-on experience with AI security, model risk, or prompt injection mitigation.


• Experience in high-velocity SaaS or PLG environments.


• Contributions to open-source security tooling or frameworks.


• Implementing automated security testing in CI/CD pipelines for both code and infrastructure.

*Typeform drives hundreds of millions of interactions each year, enabling conversational, human-centered experiences across the globe. We move as one team, empowering our collective efforts by valuing each individual’s unique perspective. This fosters strong bonds grounded in respect, transparency, and trust. We champion our diverse customer base by anticipating their needs and addressing their challenges with priority. Committed to excellence, we hold high expectations for ourselves and each other, continuously striving to deliver exceptional results.

We are proud to be an equal-opportunity employer. We celebrate diversity and stand firmly against discrimination and harassment of any kind—whether based on race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or veteran status. Everyone is welcome here.