Software Engineer, DevSecOps

📋 Description

• • Build and maintain security tooling, scripts, and automation to assess, enforce, and monitor compliance controls across AWS cloud environments, Kubernetes clusters, and CI/CD pipelines.
• • Develop lightweight internal solutions such as policy-as-code, custom scanners, and CI/CD integrations to make security and compliance automatic, auditable, and invisible to engineering teams.
• • Embed security guardrails directly into infrastructure-as-code (Terraform), container orchestration, and deployment workflows to ensure secure-by-default becomes the path of least resistance.
• • Partner with infrastructure and platform engineering teams to harden cloud-native systems by implementing access controls, encryption, logging/monitoring, and vulnerability management at scale.
• • Improve visibility into the organization’s security posture through automated reporting, dashboards, and real-time observability that highlight risks and control coverage.
• • Translate compliance requirements from SOC 2, FedRAMP, and related frameworks into pragmatic, enforceable technical implementations rather than manual checklists.
• • Reduce toil by automating security workflows, compliance validation, and remediation to enable fast engineering delivery without compromising security.
• • Support incident response and post-incident improvements by building enhanced observability and tooling that accelerates threat detection and system recovery.
• • Conduct security reviews of new features, services, and infrastructure changes, providing clear, actionable guidance to help teams design and implement secure solutions.
• • Operate as a founding security engineer in a fast-moving environment, owning security posture end-to-end with a builder mindset focused on enabling velocity while raising the security bar.
• • Work primarily in AWS cloud environments with deep hands-on experience in cloud-native security automation, not just compliance documentation or program management.
• • Utilize scripting and automation tools such as Python, Go, or Bash to build custom tooling rather than relying solely on off-the-shelf security products.
• • Apply deep familiarity with technical controls for SOC 2, FedRAMP, or similar frameworks in real production systems across aerospace, defense, and enterprise domains.
• • Integrate security into CI/CD systems, Kubernetes, and Terraform workflows to ensure continuous compliance without slowing development.
• • Maintain working knowledge across core security domains: access control and least-privilege enforcement, logging and auditing, encryption and secrets management, vulnerability scanning, policy-as-code, incident response, and change management.
• • Assess system state rapidly, identify meaningful security gaps, and deliver high-impact, pragmatic solutions in a dynamic, high-stakes environment.
• • Operate with comfort in ambiguity, establishing standards and processes from the ground up with minimal oversight.
• • Collaborate with external compliance specialists to meet the stringent requirements of aerospace, defense, and enterprise sectors.
• • Contribute to a security culture that balances rigorous protection with engineering velocity, ensuring security is embedded, not bolted on.