DevOps Security Engineer

Job description

We are looking for a hands-on DevOps Security Engineer who will help security our posture throughout the software delivery lifecycle — from the first line of code to production deployment and beyond. Our stack is complex. We ship frequently across multiple services running on containerized, cloud-native infrastructure managed entirely as code. Every release needs to be hardened before it reaches customers, and every pipeline needs to enforce that standard automatically. Your job is to make sure that happens — and to build the systems that make it repeatable, auditable, and fast. Vulnerability Analysis & Release Security: Conduct deep-dive vulnerability and security reviews of all software releases before they reach production. This includes manual code review of high-risk changes alongside automated scanning output triage. Own the pre-shipment security gate process: define pass/fail criteria, enforce them in CI/CD, and be the escalation point when a release is blocked on a security finding. Triage and classify vulnerabilities from SAST, DAST, SCA, and container scanning tools. Distinguish real risk from noise, prioritize remediation, and work directly with engineering teams to driv...