DevSecOps Engineer
Overflow · United States · Today
RemoteRemoteEngineeringFull-time
What You Will Do
- Secure, manage, and scale Overflow’s cloud environment, implementing least-privilege IAM policies, network security (VPCs, WAFs, Security Groups), and robust secret management.
- Refine existing infrastructure provisioning using Infrastructure as Code (IaC) tools, ensuring security best practices.
- Deploy and manage comprehensive observability, logging, and alerting frameworks to detect performance bottlenecks, anomalous behavior, or potential security incidents.
- Own and optimize our continuous integration and deployment (CI/CD) pipelines.
- "Shift Left" by integrating automated security testing (SAST, DAST, dependency scanning, container scanning) directly into the developer workflow.
- Act as a security champion, partnering with software engineers to perform threat modeling, architectural reviews, and secure coding training.
What You Should Have
- Core Experience: 5+ years in DevOps, Site Reliability, or Cloud Platform roles
- Cloud Expertise: Deep, hands-on experience with Docker and AWS ECS Fargate
- CI/CD Automation: Extensive experience building and maintaining robust deployment pipelines using GitHub Actions.
- Security & Compliance: Practical experience maintaining SOC 2 technical controls and a strong understanding of the architectural requirements for PCI-DSS (ideally Level 1) compliance.