Senior DevSecOps Engineer

How You Will Contribute

• Cloud & Infrastructure Security
• Establish and enforce cloud security standards, identity & access management (IAM) policies, and network security controls across AWS and Azure.
• Implement continuous compliance and security monitoring aligned to the AWS Well-Architected Framework and industry standards (CIS, NIST, ISO).
• Design automated guardrails for vulnerability management, patching, and secrets management.
 
• DevOps & Automation
• Architect and maintain CI/CD pipelines with built-in security testing (SAST/DAST), artifact signing, and policy enforcement.
• Develop Infrastructure-as-Code (IaC) using Terraform, CloudFormation, CDK, or Ansible to ensure repeatable, secure deployments.
• Build and maintain containerized environments (Docker, Kubernetes, ECS, Fargate) with hardened images and runtime security controls.
 
• Collaboration & Leadership
• Partner with software, data, and business teams to integrate security best practices into application design and deployment.
• Act as a trusted advisor on cloud security strategy, incident response, and disaster recovery.
• Coach engineers on secure coding, DevSecOps patterns, and operational excellence.
• Able to clearly communicate the value of new initiatives to secure cross-functional adoption
• Enthusiasm to contribute to Stand Together's vision and principled approach to solving problems, and a commitment to stewarding our culture, which champions values including transformation and innovation, entrepreneurialism, humility, and respect. 

What You Will Bring

• Experience: 5+ years in Cloud/DevOps/Platform engineering with a strong focus on security and automation
 
• Cloud Expertise: Deep knowledge of AWS services (EC2, RDS, DynamoDB, Lambda, SQS/SNS, ECS/ECR, Security Hub, etc.) and equivelant technologies in Azure and GCP
 
• Security Knowledge:
• Strong understanding of IAM, network security, encryption (KMS), key rotation, and secrets management
• Experience with vulnerability scanning tools (e.g., Security Hub, Inspector, Aqua, Prisma, or similar) and compliance frameworks.
• Familiarity with container security and supply chain security practices.
 
• Automation & IaC: Proficiency with Terraform, Ansible, Cloud Development Kit (CDK), or similar
• Demonstrated proficiency in threat detection, log aggregation, and incident response using Splunk and alternative SIEM tools
 
• Programming & Scripting: Proficiency in Python or another high-level language for automation and custom tooling
 
• CI/CD & Monitoring: Experience with Jenkins, GitHub Actions, CodePipeline, or similar, plus observability tools (Prometheus, Grafana, ELK/EFK)
 
• OS & Networking: Strong Linux/Unix command-line skills and solid grasp of TCP/IP, DNS, VPNs, firewalls, and load balancing

Stand Out Candidates Will Bring

• AWS Certified Solutions Architect, Security Specialty, or DevOps Engineer – Professional
• Experience with Zero Trust principles, cloud-native application security, or serverless security
• Background in incident response or security operations

What We Offer

• Competitive benefits: Enjoy a 6% 401(k) match with immediate vesting, flexible time off, comprehensive health and dental plans, plus wellness and mental health support through Peloton and Talkspace.
• A meaningful career: Join a passionate community of over 1,300 employees dedicated to improving lives and driving innovative solutions to complex social challenges.
• Commitment to growth: Thrive in a non-hierarchical environment that empowers employees to discover, develop and apply their unique talents.
• Competitive compensation: Our approach rewards the value you create through competitive salaries and bonus opportunities, allowing you to share in the success you help drive.