Cayuse
Senior DevSecOps Engineer
Remote DevSecOps Engineer position with a clear candidate location fit.
Published: Jul 4, 2026
Eligible countries: 1 country accepted
Seniority signal: Senior
Work model: Remote
Accepted candidate locations
United States
Job summary
Senior DevSecOps Engineer
Requirements and responsibilities
Job content extracted into sections for faster review.
Vulnerability Management and Remediation
- Assist in the end-to-end vulnerability management lifecycle: discovery, triage, prioritization, remediation tracking, and reporting across applications, containers, and cloud infrastructure.
- Administer and tune Snyk (SCA, container, and IaC scanning), SonarQube (SAST and code quality gates), and AWS Inspector (EC2, ECR, and Lambda vulnerability scanning) to maximize signal and reduce false positives.
- Aggregate and normalize findings across scanners into a single prioritized backlog, using severity, exploitability, and asset criticality to drive risk-based remediation.
- Partner with product engineering teams to remediate findings, providing concrete guidance and tracking SLAs to closure rather than just reporting on counts.
- Establish and enforce policy-as-code and quality/security gates in CI so vulnerabilities are caught before merge and deployment.
- Drive container and base-image hygiene across EKS workloads, including image scanning, patching cadence, and remediation of vulnerable dependencies.
Secure Pipelines and Automation
- Design, build, and maintain secure CI/CD pipelines using Bitbucket Pipelines, integrating Snyk, SonarQube, and other security scanning natively into the build and deploy flow.
- Build and maintain secure, scalable infrastructure using Terraform, applying IaC scanning and guardrails to prevent misconfiguration.
- Automate vulnerability discovery, ticket creation, and remediation workflows (e.g., auto-filing Jira tickets from scanner findings) to reduce toil and accelerate response.
- Develop and maintain automation tools and scripts (Python, Bash) to integrate security tooling, enrich findings, and report on posture.
- Manage cloud security posture across the AWS estate (managed through DuploCloud), including IAM, Security Groups, encryption, and configuration baselines.
AI-Augmented Engineering
- Work AI-native: use tools like Claude Code, GitHub Copilot, and Atlassian Rovo to accelerate code, automation, triage, and documentation in day-to-day engineering.
- Build AI into security and remediation workflows — for example, using AI to summarize and enrich scanner findings, draft remediation guidance, generate and review Terraform and pipeline changes, and auto-populate Jira tickets from vulnerability data.
- Apply sound judgment about where AI fits and where human review is mandatory, treating all AI output in a security context as needing verification before it reaches production or a security decision.
- Help establish and share team standards for responsible, effective use of AI engineering tools, and mentor colleagues on getting leverage from them safely.
Monitoring, Detection, and Incident Response
- Implement and maintain observability and security monitoring using Grafana and AWS-native monitoring (CloudWatch, AWS Inspector, GuardDuty where applicable).
- Define and monitor security and reliability SLOs/SLAs, and proactively identify exposure before it becomes an incident.
- Participate in incident response and root cause analysis for security-relevant events, contributing to resolution and follow-up hardening.
- Respond to on-call Sev 1 incidents and participate in a 24/7 on-call rotation approximately once per month.
- Contribute to disaster recovery and resilience planning.
Collaboration, Mentorship, and Improvement
- Serve as a technical expert and mentor, sharing secure-development and DevSecOps best practices across engineering teams.
- Contribute to the development and implementation of DevSecOps standards and guidelines, tailored to AWS best practices.
- Lead by example with strong technical proficiency in SRE and security engineering within the AWS ecosystem.
- Collaborate with development, operations, compliance, and product teams to ensure security is built in, not bolted on.
- Contribute to code reviews and technical discussions with a security lens.
- Document runbooks, standards, and knowledge-sharing resources; participate in agile ceremonies.
- Foster a culture of continuous learning and a security-first, automation-first mindset.
Qualifications
- Deep experience with AWS, including core services such as EC2, S3, RDS, Lambda, CloudWatch, EKS, and a solid understanding of AWS networking (VPC, Security Groups) and security fundamentals (IAM).
- Hands-on experience operating application and cloud vulnerability scanning tools — Snyk, SonarQube, and AWS Inspector strongly preferred — including administration, policy configuration, and findings triage.
- Demonstrated experience running a vulnerability management or AppSec program: prioritization frameworks, remediation SLAs, and risk-based decision-making.
- 4+ years of experience working with public cloud technologies (AWS preferred).
- Strong understanding of CI/CD pipelines and the SDLC, with proven experience integrating security scanning into pipelines (Bitbucket Pipelines preferred).
- Proven experience with Terraform and infrastructure as code, including IaC security scanning.
- Experience with Docker and Kubernetes (EKS), including container image security and hardening.
- Proficiency in scripting languages (Python, Bash) for automation and tooling integration.
- Demonstrated fluency with AI engineering tools (e.g., Claude Code, GitHub Copilot, Atlassian Rovo) and good judgment about applying them in a security context, where AI output must be verified rather than trusted blindly.
- Experience developing monitoring and log analysis solutions, including proficiency with Grafana.
- Solid understanding of security frameworks, secure coding practices, and common vulnerability classes (e.g., OWASP Top 10, CVE/CVSS).
- Experience with Git and code branching/merging strategies.
- Experience with Agile methodologies (Scrum, Kanban).
- Strong problem-solving and troubleshooting skills.
- Excellent communication and collaboration skills, with the ability to influence remediation across teams.
- Passion for mentoring and knowledge sharing.
- Ability to own medium to large technical projects end to end.
Nice to haves
- Relevant security certifications (e.g., AWS Security Specialty, CISSP, GIAC).
- Experience with SOC 2 / ISO 27001 or similar compliance programs.
- Experience with secrets management, SBOM generation, and supply-chain security.
- Familiarity with DuploCloud or comparable cloud governance platforms.
- Experience building AI-augmented or agentic workflows into engineering or security operations (e.g., MCP integrations, AI-assisted findings triage or ticketing).
Benefits
- Competitive Medical Benefits (PPO + HSA available)
- Vision, Dental, Short-Term Disability fully covered by Cayuse
- Unlimited PTO + Holidays + Flexible Work Schedule
- Remote Work Stipend
- Equal Paid Parental Leave
- 401k with Employer Matching
- Quarterly Wellness Reimbursement
- Remote Work Environment, supporting the Ultimate Employee Experience