Jobs · Engineering · Massachusetts

SecOps Engineer

Maven AGI · Boston, MA · 1 mo ago
HybridEngineeringFull-time

Key Responsibilities

  • Own the security posture of our infrastructure, including Kubernetes clusters: admission control, network policy, runtime threat detection, and workload isolation
  • Harden CI/CD pipelines against supply chain threats: SAST/DAST, SBOM generation, signed artifacts, and dependency scanning across a large-scale monorepo
  • Design, implement, and maintain security infrastructure across cloud providers (Azure, AWS, GCP) using infrastructure-as-code (Pulumi, Terraform, Helm)
  • Build and operate detection and response capabilities (SIEM, audit logging, alerting) and lead incident response end-to-end: from triage to forensics to postmortem
  • Support compliance programs (SOC 2, HIPAA, ISO): evidence automation, control mapping, audit readiness, and customer security reviews
  • Manage identity, secrets, and access controls across cloud, SaaS, and Kubernetes, enforcing least privilege and short-lived credentials by default
  • Address AI-specific risks (model access, prompt injection, data exfiltration) as we expand our agent platform
  • Evaluate and adopt new tooling to reduce manual toil and scale security coverage as the company grows

Required Qualifications

  • 3-7 years of professional Security Engineering, DevOps, or SRE experience
  • Strong infrastructure-as-code and policy-as-code skills
  • Hands-on experience securing CI/CD systems (GitHub Actions, ArgoCD): supply chain controls, secret scanning, signed builds
  • Deep experience with detection and response tooling (SIEM, EDR, audit logging) and leading incidents end-to-end
  • Proficiency in at least one scripting/programming language (Python, Go, TypeScript, or Bash) for automation and tooling
  • Solid understanding of cloud security across IaaS providers: IAM, networking, DNS, TLS, KMS, and identity federation
  • Experience securing Kubernetes in production (AKS, EKS, or GKE): RBAC, network policy, admission control, runtime security
  • Working knowledge of at least one compliance framework (SOC 2, HIPAA, ISO 27001, GDPR) and the engineering work behind audit readiness
  • Solid communication and cross-team collaboration skills: security at a startup is a partnership, not a gate
  • Organized, detail-oriented, comfortable operating in a ticketing environment
  • Thrives in fast-paced startup environments

Nice-to-Haves

  • Compliance automation experience (Vanta, Drata, or in-house evidence collection)
  • Experience with multi-cloud or hybrid (cloud + on-prem) deployments
  • Background in offensive security, red teaming, or CTF
  • Contributions to open-source security tooling

Similar jobs

SecOps Engineer

Red VenturesCharlotte, NC· 1 wk ago
Engineeringapply on redventures.com

SecOps Engineer

UpstartUnited States· 1 wk ago
RemoteEngineering$112k–$155k/yrapply on app.greenhouse.io

SecOps Engineer

Midwest Tape, LLCHolland, OH· 6 days ago
Engineeringapply on workforcenow.adp.com

SecDevOps Engineer

Accenture Federal ServicesChantilly, VA· 2 wk ago
Engineering$121k–$222k/yrapply on boards.greenhouse.io