Senior DevSecOps

We are

We are a cloud and security services company composed of technical experts with extensive hands-on experience. We act as trusted advisors to our clients, offering independent, objective and custom-tailored consultation. Our team is dedicated to helping customers through every stage of their cloud and cybersecurity journey, from strategic planning and design to implementation and ongoing operations. 

About the position

We are looking for a Senior DevSecOps Engineer to design and implement secure, scalable cloud-native solutions for large-scale environments. This role combines architecture-level design with hands-on engineering, focusing on cloud efficiency, robustness, and security across both infrastructure and applications.

You will work closely with customers and internal teams to architect secure-by-design platforms, embedding security across the cloud and application lifecycle. The ideal candidate brings strong expertise in cloud security, application security, and DevSecOps practices, and can act as a trusted advisor on complex cloud projects.

Responsibilities:

• Design and implement secure architectures for cloud infrastructure and cloud-native applications, ensuring scalable, resilient, and efficient solutions aligned with business goals.
• Conduct risk assessments and threat modeling to identify vulnerabilities and recommend security improvements tailored to the organization’s architecture, infrastructure, and data.
• Ensure cloud and application security architectures comply with relevant standards and frameworks such as ISO 27001, SOC 2, and industry best practices.
• Work closely with development and platform teams to embed security throughout the software development lifecycle (SDLC), including threat modeling, secure design, and secure coding practices.
• Evaluate, design, and integrate security technologies and controls across cloud platforms, CI/CD pipelines, and application environments.
• Advise customers and internal stakeholders on security architecture, clearly communicating risks, trade-offs, and practical recommendations.
• Stay current with emerging technologies, cloud platforms, and security methodologies to continuously improve architecture and delivery practices.
• Mentor engineers and promote DevSecOps best practices, fostering a culture of security, technical excellence, and continuous learning.
• Contribute to the broader security community through knowledge sharing, publications, conferences, and professional engagement.

Qualifications

• 5+ years of experience in DevOps, with at least 1 year of experience designing and architecting cloud or security solutions.
• Strong architectural knowledge of at least one major cloud platform (AWS or Google Cloud), with the ability to design secure, scalable cloud-native solutions.
• Hands-on experience implementing and supporting containerized applications and Kubernetes environments in production.
• Proven hands-on experience implementing DevSecOps practices, including integrating security controls and tooling into CI/CD pipelines.
• Solid understanding of secure application design, threat modeling, and secure development practices, with experience integrating security into modern software architectures.
• Experience working with development, platform, and cloud teams to embed security throughout the software delivery lifecycle.
• Ability to balance security requirements with scalability, reliability, and business goals when designing cloud architectures.
• Strong communication skills and experience advising internal teams or customers on security architecture and best practices.
• Relevant cloud certifications such as AWS Certified Solutions Architect – Professional, AWS Certified Security – Specialty, Google Cloud Professional DevOps Engineer, or Google Cloud Professional Security Engineer - advantage.