F

Senior DevSecOps / Platform Security Engineer (AWS + Kubernetes)

Flexionisvia Flexionis
RemotoCaSêniorCLT5 dias atrás

Salário Estimado

R$ 12.375,00 - R$ 18.563,00

Tecnologias

PythonGoAWSKubernetesIA
0de 100

Excelente

Score da Vaga

Descrição da Vaga

Defcon Ai RESILIENCE IN THE FACE OF DISRUPTION.


DEFCON AI is an insights company that leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems.


In today's dynamically changing world, DEFCON AI's technology aligns outcomes with operational goals, better decision making, and empowers customers to anticipate assess, and mitigate the impacts of disruptions.


About the Role We're hiring a senior, hands-on DevSecOps/Platform Security Engineer to build and operate production security controls across our AWS and Kubernetes platform.


You'll design and implement guardrails that make secure delivery the default—covering CI/CD security automation, software supply chain controls, and Kubernetes policy enforcement—while partnering closely with Platform/SRE and Security/GRC.


What You'll Own: You'll have real ownership over critical platform security capabilities including:

CI/CD security automation and developer-facing security workflows (SAST/SCA, secrets scanning, IaC scanning, container scanning).
software supply chain controls (SBOM, artifact/image signing and verification, provenance and promotion workflows). • Kubernetes policy enforcement and admission controls (policy-as-code) that encode platform security guardrails.
Co-own AWS security guardrails with Platform/SRE (IAM patterns, logging and detection, network and encryption baselines). • Partner with Security/GRC on control interpretation and evidence needs; implements controls in engineering systems and pipelines.

What You'll Do • Design, build, and maintain CI/CD security controls that scale across repositories and teams (reusable pipeline components, templates, and standards).

Implement Kubernetes security architecture and guardrails (RBAC hardening, workload security baselines, admission policies, network policies, and safe multi-tenant patterns as applicable). • Improve container security end-to-end: base-image strategy, vulnerability scanning, registry controls, image signing, and promotion workflows.
Operationalize vulnerability management with risk-based prioritization, measurable remediation SLAs, and dashboards/metrics (MTTR, exposure trends, top recurring root causes). • Drive developer enablement: clear documentation, lightweight design reviews/threat modeling for high-impact changes, office hours, and high-signal guidance embedded in tooling.

Real Production Responsibility: This role builds and runs production secutiry systems. • You'll ship code and infrastructure, not just recommendations

You'll own reliability and outcomes for the controls you build. • You'll response to incidents and on-call rotation related to platform security controls and pipeline reliability (scope aligned with Platform/SRE).

Regulated Environment Support This role supports delivery into regulated environments and works closely with Security/GRC to implement engineering-owned controls and produce audit-ready evidence.


You'll help translate requirements (for example, NIST SP 800-171 and CMMC expectations) into practical, automated guardrails within CI/CD, AWS, and Kubernetes.


What We're Looking For (Required) • 5+ years of experience in DevOps/SRE/Platform Engineering and/or Security Engineering with a strong automation and delivery focus.

Hands-on experience securing AWS environments: IAM (least privilege), network controls, encryption (KMS), and centralized logging/detection. • Strong Kubernetes security experience (EKS or equivalent): RBAC, workload hardening, and policy enforcement via admission control.
Experience integrating security into CI/CD pipelines and developer workflows (SAST, SCA, secrets scanning, container scanning, IaC scanning). • Infrastructure as Code proficiency (Terraform, CloudFormation, CDK, or Pulumi) and ability to embed guardrails into IaC workflows.
Proficiency scripting/coding (e.g., Python, Go, Bash) to build integrations, automations, and internal tooling. • Able to communicate risk and tradeoffs clearly and pragmatically to engineers; improves signal-to-noise rather than adding friction.

Nice to Have (Preferred) • Experience with Kubernetes policy-as-code tooling (OPA/Gatekeeper, Kyverno) and secure workload identity patterns (OIDC/IRSA).

Experience with software supply chain security: SBOM generation and management, signing/verification (e.g., cosign), and provenance concepts. • Experience building 'golden paths' or internal developer platforms that improve both delivery velocity and security outcomes.
Familiarity with regulated delivery expectations (NIST SP 800-171/CMMC) and evidence-driven control implementation.

How we work:

Pragmatic, automation-first approach: secure-by-default, low-friction workflows.
Partners closely with Platform/SRE and Security/GRC; clear ownership and measurable outcomes. • Focus on durable systems: guardrails, templates, and controls that scale across teams.

Other Qualifications • Analytical

Vagas Semelhantes

Logo Keebler Health

AI Engineer (LLMs for Healthcare)

Keebler HealthDailyRemote
RemotoRemotoHoje

R$ 16k - 24k/mês

SêniorCLT

the role We are seeking a talented and motivated mid to senior level AI Engineer with expertise in developing and fine-tuning large language models (LLMs), healthcare workflows, and AI/ML engineering best practices. The ideal candidate will bring a deep understanding of healthcare-specific challenge...

PythonGoAWSAzureGCP+5
Ver Detalhes
S

Desenvolvedor IA | LLM & Agents

SmarthisSmarthis - Gupy
RemotoBrHoje

R$ 12k - 19k/mês

SêniorCLT

Descrição da vaga Quem somos: A Smarthis é referência em transformação digital na América Latina, com atuação em mais de 25 países e um time de 200+ especialistas apaixonados por inovação. Nossa expertise está em soluções integradas de ponta a ponta, combinando: • Inteligência Artificial • Agentes I...

PythonGoAWSAzureGCP+6
Ver Detalhes
S

Desenvolvedor IA - LLM & Agents

SmarthisJobilize
RemotoBrHoje

R$ 11k - 17k/mês

SêniorCLT

Descrição da vagaQuem somos: ASmarthisé referência emtransformação digital na América Latina, com atuação em mais de25 paísese um time de200+ especialistasapaixonados por inovação.Nossa expertise está emsoluções integradas de ponta a ponta, combinando: Inteligência ArtificialAgentes Inteligentes (Ag...

PythonGoAWSAzureGCP+6
Ver Detalhes
Logo Ci&T

[Job - 28050] Senior Backend Developer (Java/Springboot), Brasil

Ci&TJobgether
RemotoBrHoje

R$ 12k - 19k/mês

SêniorCLT

This a Full Remote job, the offer is available from: Brazil Somos especialistas em transformação tecnológica, unindo expertise humana à IA para criar soluções tech escaláveis. Com mais de 8,000 CI&Ters ao redor do mundo, já formamos parcerias com mais de 1,000 clientes durante nossos 30 anos de hist...

ReactPythonJavaGoRedis+6
Ver Detalhes

Interessado nesta vaga?

Candidatar-se

Você será redirecionado para o site original

Informações

NívelSênior
ContratoCLT
LocalCa
RemotoSim
MoedaBRL
Publicada5 dias atrás
FonteFlexionis

Análise de Vaga com IA

Estimativa salarial, match de tecnologias e análise de requisitos feitos com Inteligência Artificial

Powered by CodeCortex
← Voltar às Vagas