Search...

Staff DevSecOps Engineer

Red Cell Partners logo
Red Cell Partners

Stealth

Distributed
View jobs by Red Cell Partners

Skills

About the Role

You will become the technical owner of how security gets built into Trase's software development lifecycle and cloud operations. You'll integrate automated security testing, continuous vulnerability management, and secure coding practices directly into existing CI/CD pipelines, and own the implementation of a dedicated security architecture that delivers shift-left tooling alongside production cloud security services, all deployed through infrastructure-as-code. By standardizing and operating secure pipelines, you'll empower software engineers to focus on high-velocity delivery while maintaining the controls required by customers and regulators. You'll design and deploy production cloud security architecture, implement foundational controls, operate cloud security posture management, build secure-by-default Terraform modules, run the SIEM and detection engineering program, lead incident response, manage vulnerabilities across application, container, and cloud surfaces, and mentor junior engineers on secure coding and cloud security best practices.

Requirements

  • 10+ years of experience in security engineering, DevSecOps, cloud security, or platform security roles, including significant time as a senior individual contributor
  • Deep, hands-on experience securing modern CI/CD pipelines, including production deployment of SAST, DAST, SCA, secrets, container, and IaC scanning
  • Strong cloud security expertise, with primary depth in Google Cloud Platform or proven multi-cloud expertise
  • Expert-level Terraform skills and a track record of building secure-by-default IaC modules
  • Demonstrated experience standing up and operating a SIEM end-to-end
  • Hands-on incident response leadership, including runbook authorship, on-call design, and serving as a senior responder
  • Practical experience operating in environments governed by SOC 2, HIPAA, and ISO 27001
  • Strong programming or scripting skills (Python, Go, or similar)
  • Excellent partnership skills and a developer-empathetic mindset
  • Strong affinity and practical skill for working with LLMs and AI agents
  • US Citizen and eligible for US security clearance

Responsibilities

  • Design, implement, and operate the shift-left security toolchain across CI/CD pipelines including SAST, DAST, SCA, secrets scanning, container image scanning, and IaC scanning
  • Define how findings are triaged, routed, and remediated while keeping developer experience high
  • Establish and enforce policy-as-code and pre-merge security gates calibrated to risk
  • Design and deploy production cloud security architecture with a primary focus on GCP and a path to multi-cloud
  • Implement foundational controls including network segmentation, workload identity, secrets management, encryption, and least-privilege IAM
  • Stand up and operate cloud security posture management and cloud workload protection capabilities
  • Build, codify, and maintain secure-by-default infrastructure modules in Terraform
  • Embed security controls directly into platform abstractions
  • Drive secure baselines for Kubernetes, container runtimes, and serverless workloads
  • Operate and fine-tune the SIEM and security telemetry pipeline, designing log sources, detections, and alerting workflows
  • Define detection-as-code practices and tune detections to balance signal and noise
  • Build dashboards and reporting for real-time visibility into environment posture
  • Enhance and lead technical security incident response including runbooks, on-call rotation design, tabletop exercises, and post-incident reviews
  • Serve as a senior responder during security events
  • Operate the end-to-end vulnerability management lifecycle across application, container, and cloud surface area
  • Facilitate remediation SLAs and report on progress to leadership
  • Partner with Engineering and Security teams to translate framework requirements such as SOC 2, HIPAA, ISO 27001, FedRAMP, and NIST 800-53 into controls
  • Embed with Product and Engineering teams to ensure security is integral to how the company builds
  • Mentor junior Security and Compliance engineers and Engineering team members on secure coding, threat modeling, and cloud security
  • Establish and propagate patterns, runbooks, and reusable building blocks to scale security capabilities

Benefits

  • 100% employer paid, comprehensive health care including medical, dental, and vision for you and your family
  • Paid maternity and paternity for 14 weeks at employees' normal pay
  • Unlimited PTO, with management approval
  • Optional 401K, FSA, and equity incentives available
  • Mental health benefits available through Tara Mind
  • Cost effective GLP-1 solutions available through Crux