Software Engineer, DevSecOps
About the role
As a Software Engineer, Security Infrastructure, you will define the security posture, architecture, and practices that keep SIFT’s products and infrastructure secure in the most demanding environments. You will build and maintain tooling, scripts, services, and automation that assess, enforce, and monitor security and compliance controls across our AWS cloud environments, Kubernetes clusters, and CI/CD pipelines. You will develop lightweight internal solutions, partner with the infrastructure and platform engineering teams, improve visibility into our security posture, conduct security reviews, and support incident response.
Responsibilities
- Maintain and automate security and compliance controls in cloud-native environments
- Build and embed security guardrails directly into infrastructure-as-code, container orchestration, and deployment workflows
- Implement access controls, encryption, logging/monitoring, and vulnerability management at scale
- Translate compliance requirements into technical implementations and reduce toil by automating security workflows and remediation
- Conduct security reviews and provide clear guidance for new features, services, and infrastructure changes
- Collaborate with external compliance specialists to meet the requirements of aerospace, defense, and enterprise sectors
Requirements
- 4–7+ years of hands-on experience in security engineering, platform/DevSecOps, or cloud infrastructure roles
- Proven track record shipping production-grade security automation in cloud-native environments
- Deep familiarity with implementing technical controls for SOC 2, FedRAMP, or similar frameworks
- Strong proficiency in scripting and automation (Python, Go, Bash, or similar)
- Hands-on experience with Infrastructure as Code (Terraform or equivalent), containerized environments (Kubernetes), and CI/CD systems
- Working knowledge across core security domains: Access control, identity management, and least-privilege enforcement; Logging, monitoring, auditing, and security observability; Encryption, key management, and secrets handling; Vulnerability scanning, policy-as-code, and continuous compliance; Incident response and change management
- Comfort operating as a founding security engineer and strong problem-solving skills with a builder mindset
Qualifications
- U.S. Citizenship, Lawful Permanent Resident, Asylee, or Refugee status required
- ITAR/EAR regulations compliance eligibility
Skills
- Hands-on experience in security engineering, platform/DevSecOps, or cloud infrastructure roles
- Experience with scripting and automation (Python, Go, Bash, or similar)
- Proficiency in Infrastructure as Code (Terraform or equivalent), containerized environments (Kubernetes), and CI/CD systems
- Knowledge of core security domains including access control, identity management, logging, monitoring, encryption, and vulnerability management
- Experience with SOC 2, FedRAMP, or similar frameworks
- Ability to quickly assess system state and deliver pragmatic, high-impact solutions
- Comfort operating as a founding security engineer and strong problem-solving skills
Benefits
- Competitive salary range: $170,000 - $220,000 per year
- Equity and benefits package
Pay
$170,000 - $220,000 per year
Schedule
SIFT’s headquarters is in Marina Del Rey, CA (Next to LAX). We collaborate in person twice a week—on Mondays and Thursdays—and come together for a full week every two months. We are open to relocating candidates to LA or working from our San Francisco office for the right candidate.