DevSecOps Engineer

At aiOla, we’re redefining how people interact with technology through voice-driven AI. Our mission is to make everyday business operations faster, smarter, and easier — and security is at the heart of everything we build.

We’re looking for a DevSecOps Engineer to join our growing infrastructure team and ensure our systems, pipelines, and products are secure by design. This role is ideal for someone who loves automation, lives and breathes cloud security, and wants to shape how security is embedded across the company.

Requirements:

• 3+ years of hands-on experience as a DevSecOps Engineer, combining security and cloud infrastructure.
• Strong knowledge of AWS services and cloud security best practices.
• Experience with Kubernetes (EKS) and container security.
• Familiarity with CI/CD pipelines with GitOps methodology on GitHub environments and automation tools (e.g., GitHub Actions).
• Hands-on experience with SAST, DAST and vulnerabilities management tools.
• Deep understanding of network security, identity management and secrets handling.
• Scripting skills in Python and Bash.
• A proactive, “security first” mindset — you think about how to prevent before how to fix.
  
  

• Experience with compliance frameworks (SOC2, ISO27001, GDPR).
• Familiarity with Terraform and Infrastructure as Code security.
• MLOps experience — securing AI/ML pipelines and data workflows.
• Prior experience in a startup or SaaS environment.
  
  

• Embed security best practices across the entire software development lifecycle — from design to deployment.
• Implement and manage automated security testing in CI/CD pipelines (code analysis, dependency scanning, container security, etc.).
• Collaborate closely with DevOps, Engineering and Product teams to define and enforce cloud security standards.
• Monitor and respond to vulnerabilities in the cloud (AWS), Kubernetes (EKS) and containerized environments.
• Integrate security tools, policies, and best practices to ensure compliance with regulations.
• Take active part in incident response processes and conduct regular security reviews.
• Partner with IT and GRC teams to support audits and risk assessments.