Act as a senior technical owner for DevSecOps and cloud security as the organization scales toward enterprise standards
Operate effectively with a high degree of ambiguity, proactively shaping direction rather than executing predefined tasks
Design solutions that are scalable, auditable, and sustainable across multiple teams and regions
Maintain a strong bias toward quality, detail, and correctness in architecture, implementation, and documentation
Think beyond immediate delivery and continuously improve foundations, tooling, and processes
Architect, implement, and continuously improve cloud security and DevSecOps practices across the organization
Design and maintain secure, scalable AWS infrastructure using Terraform with a strong emphasis on best practices and maintainability
Collaborate closely with engineering teams on CI/CD, code-related workflows, and delivery practices
Own and evolve monitoring, alerting, and observability using Datadog
Lead the design and implementation of foundational security capabilities, including:
Identity and access management
Secrets and key management
Network security and segmentation
Logging, auditing, and incident readiness
Drive security governance and GRC-related initiatives
Provide mentorship and set engineering standards through example, reviews, and documentation
Collaborate with Engineering and IT Operations teams to ensure systems are secure, resilient, and operationally sound.
Requirements
10+ years of professional experience in DevOps, DevSecOps, Security Engineering, or related roles
Proven track record of successfully delivering meaningful security and infrastructure improvements in complex environments
Strong hands-on experience with:
AWS (security, networking, IAM, and core services)
Terraform (modular, scalable, and secure infrastructure-as-code)
CI/CD pipelines (CircleCI or comparable tools)
Datadog or similar observability platforms
Solid understanding of security and GRC best practices, including risk management, controls, and audit concepts
Practical experience with day-to-day IT operations, including SaaS tooling, access management, operational workflows, and application of IT best practices in a growing organization
Demonstrated ability to work independently, prioritize effectively, and drive initiatives from idea to execution
Strong attention to detail, documentation quality, and operational rigor
Clear communicator who can explain complex technical and security concepts to both technical and non-technical audiences.