Senior DevSecOps / Platform Security Engineer (AWS + Kubernetes)

Red Cell Partners LLC

Job Overview

Location

Remote

Job Type

Full-time

Full Job Description

📋 Description

• Join Red Cell Partners, an innovative incubation firm dedicated to building and investing in rapidly scalable technology-led companies that are driving revolutionary advancements in healthcare, cyber, and national security. We are united by a shared sense of duty and a deep belief in the power of innovation to address our Nation’s most pressing problems.
• Within this dynamic environment, you will be instrumental in shaping the future of DEFCON AI, a cutting-edge modeling, simulation, and analysis (MS&A) company focused on generating operationally relevant insights for next-generation logistics and mobility decision-making.
• DEFCON AI leverages an AI-driven software incorporating an intelligent agent within a simulation environment to define how logistics disruptions are handled. We are a mission-focused team of world-class AI Engineers, mobility, and logistics experts committed to developing solutions that help partners better prepare for contested mobility disruptions.
• We are seeking a senior, hands-on DevSecOps/Platform Security Engineer to architect, build, and operate production security controls across our AWS and Kubernetes platform. This is a critical role where you will have significant ownership and the opportunity to make a tangible impact on our security posture.
• Your primary responsibility will be to design and implement robust guardrails that ensure secure delivery is the default for all our development processes. This includes automating security within CI/CD pipelines, establishing comprehensive software supply chain controls, and enforcing stringent Kubernetes policies.
• You will collaborate closely with our Platform/SRE and Security/GRC teams, acting as a bridge between development, operations, and security compliance.
• Key areas of ownership include:
• CI/CD Security Automation: Develop and maintain automated security workflows for developers, integrating tools for Static Application Security Testing (SAST), Software Composition Analysis (SCA), secrets scanning, and Infrastructure as Code (IaC) scanning.
• Software Supply Chain Security: Implement controls to secure our software supply chain, including Software Bill of Materials (SBOM) generation and management, artifact/image signing and verification, and robust provenance and promotion workflows.
• Kubernetes Policy Enforcement: Design and implement security guardrails for our Kubernetes environments using policy-as-code, ensuring workloads adhere to defined security baselines and admission controls.
• AWS Security Guardrails: Co-own the security of our AWS infrastructure with the Platform/SRE team, focusing on IAM patterns, robust logging and detection mechanisms, and establishing secure network and encryption baselines.
• Security/GRC Partnership: Work closely with the Security/GRC team to interpret compliance requirements and evidence needs, translating them into practical, automated controls within our engineering systems and pipelines.
• Your day-to-day activities will involve:
• Designing, building, and maintaining scalable CI/CD security controls that can be adopted across multiple repositories and teams, including reusable pipeline components, templates, and standards.
• Implementing a secure Kubernetes architecture and enforcing guardrails such as RBAC hardening, workload security baselines, admission policies, network policies, and secure multi-tenant patterns where applicable.
• Enhancing container security throughout the entire lifecycle, from base-image strategy and vulnerability scanning to registry controls, image signing, and promotion workflows.
• Operationalizing vulnerability management with a focus on risk-based prioritization, establishing measurable remediation Service Level Agreements (SLAs), and developing dashboards and metrics to track Mean Time To Remediate (MTTR), exposure trends, and top recurring root causes.
• Driving developer enablement through clear documentation, lightweight design reviews and threat modeling for high-impact changes, conducting office hours, and embedding high-signal guidance directly into tooling.
• This role carries real production responsibility. You will not just be making recommendations; you will be shipping code and infrastructure, owning the reliability and outcomes of the security controls you build.
• You will participate in an on-call rotation and respond to incidents related to platform security controls and pipeline reliability, with the scope aligned with the Platform/SRE team.
• You will support delivery into regulated environments, working closely with Security/GRC to implement engineering-owned controls and produce audit-ready evidence. This includes translating requirements from standards like NIST SP 800-171 and CMMC expectations into practical, automated guardrails within our CI/CD, AWS, and Kubernetes environments.
• We foster a pragmatic, automation-first approach where security is built-in by default, with low-friction workflows for developers. We partner closely with Platform/SRE and Security/GRC, focusing on clear ownership and measurable outcomes.
• Our focus is on building durable systems, creating scalable guardrails, templates, and controls that benefit all teams. You will be instrumental in improving signal-to-noise ratios rather than adding unnecessary friction.
• We value analytical aptitude, effective communication, adaptability in a fast-paced tech landscape, and experience with agile methodologies. While a formal education is a plus, we prioritize hands-on experience and demonstrable skills. A commitment to continuous learning is essential as you stay aligned with the latest technology trends and best practices.

🎯 Requirements

• 5+ years of experience in DevOps/SRE/Platform Engineering and/or Security Engineering with a strong automation and delivery focus.
• Hands-on experience securing AWS environments, including IAM (least privilege), network controls, encryption (KMS), and centralized logging/detection.
• Strong Kubernetes security experience (EKS or equivalent), covering RBAC, workload hardening, and policy enforcement via admission control.
• Proven experience integrating security into CI/CD pipelines and developer workflows (SAST, SCA, secrets scanning, container scanning, IaC scanning).
• Proficiency in Infrastructure as Code (IaC) using tools like Terraform, CloudFormation, CDK, or Pulumi, with the ability to embed security guardrails into IaC workflows.
• Proficiency in scripting/coding languages such as Python, Go, or Bash for building integrations, automations, and internal tooling.
• Ability to communicate technical risks and trade-offs clearly and pragmatically to engineering teams, enhancing signal-to-noise rather than introducing friction.
• Experience with Kubernetes policy-as-code tooling (e.g., OPA/Gatekeeper, Kyverno) and secure workload identity patterns (e.g., OIDC/IRSA).
• Experience with software supply chain security concepts, including SBOM generation and management, signing/verification (e.g., cosign), and provenance.
• Familiarity with regulated delivery expectations (e.g., NIST SP 800-171/CMMC) and evidence-driven control implementation.

🏖️ Benefits

• Fully remote, results-based work environment.
• Competitive salary, bonus, and equity package.
• 100% employer-paid, comprehensive health insurance (medical, dental, vision) for you and your family.
• Unlimited Paid Time Off (PTO), subject to manager approval.
• Flexible work schedule allowing you to manage your workday.
• 14 weeks of fully-paid parental leave.

Skills & Technologies

Python

AWS

Kubernetes

Terraform

Senior

Remote

$175k-215k

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

Red Cell Partners LLC

Visit Website

About Red Cell Partners LLC

Washington, D.C.-based venture foundry that conceives, capitalizes and scales early-stage companies in healthcare and defense technology. Founded in 2021 by veterans and former government leaders, the firm combines capital investment with in-house operational expertise, recruiting, regulatory guidance and strategic partnerships to accelerate product-market fit. Its portfolio spans AI diagnostics, cybersecurity, medical devices and national security software, aiming to close capability gaps for both commercial and government customers.

View Company Profile