Were looking for people who are relentlessly curious and committed to continuous learning. AI is reshaping every function across our business, and we enable every team member, regardless of role or level, to build fluency in AI tools and concepts. Those who thrive here actively seek out new solutions, experiment thoughtfully, and apply what they learn to drive better, faster, smarter outcomes.
As a Staff DevSecOps Engineer- Prompt, you will be tasked with hands-on DevSecOps engineering responsibilities, including managing Kubernetes environments, architecting and securing AWS cloud infrastructure, building and maintaining CI/CD pipelines, and enforcing container and cloud security best practices.
What Will You Do?
Primary responsibilities include:
Own the infrastructure security domain across cloud and Kubernetes environments
Build and maintain secure CI/CD pipelines and cloud infrastructure
Manage and remediate vulnerabilities in container images, infrastructure, and application code
Implement and maintain security tooling (SAST, DAST, SCA, secret scanning)
Own compliance initiatives such as SOC2, HIPAA, CIS, NIST, ISO 27001, and FIPS-related requirements, including working with platforms like Scytale and supporting audits, evidence collection, and remediation processes
Handle penetration test remediation and security audit findings
Manage user access, IAM, RBAC, and security policies
Maintain and automate certificate management and secrets handling
Implement and manage WAF, DDoS protection, and network security controls
Improve Kubernetes platform security, monitoring, and automation.
Requirements: Ideal candidates will have:
Strong experience with Kubernetes/OpenShift and AWS/EKS
Experience with Terraform, Helm, GitHub Actions, and ArgoCD
Experience securing CI/CD pipelines, container images, and cloud environments
Experience working with hardened/minimal container image providers such as Echo and Minimus or similar
Familiarity with FIPS-compliant environments and security best practices
Experience with security tools such as our company(S1), Snyk, Wiz, Trivy, Prisma Cloud, SonarQube, Checkov, or similar
Familiarity with vulnerability management, WAF, DDoS protection, and DevSecOps practices
Experience working with compliance and security standards
Ability to demonstrate previous hands-on experience with security remediation, compliance processes, and DevSecOps implementations
Strong Linux, networking, and troubleshooting skills.
This position is open to all candidates.