Role overview

DevSecOps Engineer

Requirements and responsibilities

Readable role content extracted into sections for faster review.

WHAT YOU'LL DO:

  • Handle internal security requests and make sure employees have the tools and access they need without over-provisioning
  • Ensure that employees have access to the tools and systems they need while maintaining least privilege access principles
  • Onboard and offboard employees across internal systems
  • Oversee our MDM system and stay on top of alerts
  • Review and assess new technologies (tools, code frameworks, third-party providers, internal apps) through a security lens
  • Help shape and refine security best practices across the org
  • Triage and work through vulnerabilities surfaced by pen testing, static analysis, responsible disclosures, and automated alerts
  • Keep security documentation and training materials fresh and useful
  • Automate security processes and alerts wherever you can find the leverage
  • Participate in a shared on-call rotation for critical production security issues
  • Stay abreast of the latest security events and trends
  • Participate in regular security training and certification acquisition
  • Ensure our software development lifecycle remains secure as we continue to evolve its processes.
  • Write infrastructure-as-code to automate deployment and management using Terraform, Ansible, or similar tools
  • Stay current on emerging threats, security trends, and what's happening across our stack and industry
  • Investigate and resolve infrastructure incidents to keep things running smoothly

WHO YOU ARE:

  • You have security certifications or equivalent real-world experience
  • You think like an attacker, and a hacker mindset is genuinely how you approach problems
  • Deep background across multiple facets of security
  • 5+ years implementing security in Linux-based infrastructures, AWS, and code
  • Comfortable with open-source tooling, cloud environments, and multiple operating systems
  • Experience building security solutions that actually scale
  • Hands-on with one or more of: penetration testing, threat modeling, code analysis, system hardening, distributed patching, vulnerability scanning
  • Familiar with hardening AI tooling to prevent security incidents
  • Strong communicator who can present findings to both technical and non-technical audiences
  • Bonus points for experience or genuine interest in cryptocurrency / cryptography

WHY CASA?

  • Ownership. Private key management is the beginning of a future you can truly own, and at Casa, everyone has a role. We offer equity opportunities so our employees can benefit from what we are building together
  • Community. Inclusivity is important to us.We value each other and our contributions. Our team, known as the Casa Space Fleet, brings out the best in everyone while having plenty of fun along the way
  • Rest and Relaxation. We believe in the power of personal time, so we offer as much flexible time as you need. We encourage you to take at least 3 weeks off a year
  • Health Benefits. We provide medical coverage with FSA options, dental, vision, and access to mental health providers
  • Setup for Remote Success. Our team is both decentralized and effective. We reimburse up to $400 for anything you need to set up your home office
  • Investment Avenues. We partner with resources so you can invest a portion of your paycheck in Bitcoin, and we also have the more traditional 401(k) option
  • Maternity/Paternity Leave. We provide 12 weeks for maternity / 4 weeks for paternity
Similar roles

Keep a backup shortlist.

Browse stack
FocusDevSecOpsRole area
Seniority signalMiddleCandidate level
StackAWS, RESTPrimary skills
Location1 accepted countryEligibility

Stack

Use these tags to compare similar remote roles.

Location eligibility

Candidates should apply only when their profile country is listed here.

Your profileCountry not setSign in to check your country against this role.

Hiring flow

WithMira shows the role, then sends candidates to the company application.

1Check role fit, stack, and location eligibility in WithMira.
2Open the company application page from the tracked apply link.
3Save the role or subscribe for similar opportunities before leaving.
Apply on company siteCompany siteOpen link