Senior DevSecOps Engineer

Sygnia is a top tier cyber technology and services company, providing high-end consulting and incident response support for organizations worldwide. Sygnia works with companies to proactively build their cyber resilience and to respond and defeat attacks within their networks. It is the trusted advisor and cyber security service provider of IT and security teams, senior management, and boards of top organizations worldwide, including Fortune 100 companies.

The company draws on top talent from the ranks of elite military technology units and from across the cyber industry and has some of the world’s top talents in cybersecurity. Described by Forbes as a “cyber security delta force”, it applies technological supremacy, digital combat experience, data analytics and a business-driven mindset to cyber security, enabling organizations to excel in the age of cyber.

Our Technology group builds Velocity - a world class product for threat detection, investigation and response (TDIR). This system plays a critical role in cyber threat investigations, integrating high-volume data ingestion, complex analytics, and large-scale querying. Our product is deployed in hundreds of clients, including many Fortune 500 companies, all around the world (from North America through Europe, APAC and all the way to Australia), and as part of the team you will have the privilege to take part in the ongoing fight against cyber threat actors of the highest levels.

We are seeking a talented Senior DevSecOps Engineer / Security Architect to act as the primary security owner and focal point for the Velocity R&D organization. The ideal candidate will possess a background in IT and security platforms, strong coding skills, the ability to independently learn new technologies, an unwavering commitment to quality, a collaborative work ethic, and a profound passion for securing complex infrastructures.

Main Responsibilities:

· Security Strategy & Architecture

• Own and continuously improve Velocity’s overall security posture, including risk assessment, prioritization, and long-term planning.
• Design and guide secure architectures for new and existing systems and features, aligned with best practices and compliance requirements.
• Lead threat modeling efforts and drive proactive validation against emerging attack techniques.
• Evaluate, introduce, and develop security solutions tailored to Velocity’s environment.
• Design and implement security controls for emerging technologies, including agentic AI systems, addressing risks such as misuse, data leakage, and adversarial manipulation.

· Security Engineering & DevSecOps

• Embed security across the development lifecycle, including CI/CD pipelines, infrastructure, and application layers.
• Enhance logging, auditing, and detection capabilities, and design detection strategies tailored to the platform.
• Own and optimize security tooling, ensuring strong integration, visibility, and coverage across systems.

· Incident Response & Operations

• Investigate and respond to security incidents and alerts, leveraging deep system understanding.
• Perform root cause analysis and drive improvements to prevent recurrence.

· Collaboration & Enablement

• Partner closely with R&D, IT, Product, and the CISO to ensure secure design and day-to-day operations.
• Support compliance initiatives (e.g., SOC 2) and security reviews with internal and external stakeholders.
• Assist in customer-facing security processes, including questionnaires and evaluations.
• Promote security awareness and provide guidance across the organization.

Main Requirements:

• 5+ years of experience in DevSecOps, Security Engineering, or related roles within complex production environments.
• Experience working in a cybersecurity company or security-focused organization.
• Strong hands-on experience with cloud platforms, with a focus on AWS.
• Solid experience working with Kubernetes, Docker, and Linux-based systems.
• Proven experience integrating security into SaaS development lifecycles (SDLC) and working with monitoring and observability tools.
• Experience with Infrastructure as Code (IaC) tools such as Terraform, Pulumi, or similar.
• Proficiency in scripting and automation using languages such as Python and/or Bash.
• Familiarity with security and IT platforms, including logging, monitoring, and detection systems.
• Strong understanding of security principles, threat modeling, and frameworks (e.g., NIST-CSF, CIS, SOC2, MITRE ATT&CK).
• Ability to operate independently, take ownership, and drive initiatives end-to-end.
• Excellent communication skills, including the ability to operate effectively during high-pressure incidents in a global environment.

Advantages:

• Hands-on experience with databases and data platforms such as PostgreSQL, Snowflake, Elasticsearch, or Redis.
• Background in DevOps / Platform Engineering roles.
• Experience in consulting or customer-facing environments.