Key skills
Infrastructure as CodeCloud security best practicesSecurity frameworks certificationsCI/CD pipelinesContainerizationorchestrationScripting languagesSecurity conceptsDevSecOps practicesCompliance automation toolsSoftware development backgroundSystem administration backgroundProblem-solving skillsPythonBashAWSAzureGCPTerraformKubernetesDockerGitHub ActionsGitLab CIPulumiArgoCDGitHubGitLabCI/CDCloud Security
About this role
MetalBear is a global fully remote team building open-source developer tools for cloud engineers. They are seeking a Founding DevSecOps Engineer to take ownership of their infrastructure, security, and compliance foundations as they scale.
Responsibilities:
- Maintain and improve our IaC setup, ensuring reliability, scalability, and security
- Oversee security architecture, implementing best practices for cloud security and compliance
- Lead certification efforts, including ISO 27001, SOC 2, and other relevant frameworks
- Continuously assess and enhance security posture across infrastructure and applications
- Design, implement, and maintain CI/CD pipelines to streamline deployment and development workflows
Requirements:
- Experience with Infrastructure as Code (Terraform, Pulumi, or similar tools)
- Strong knowledge of cloud platforms (AWS, GCP, Azure) and cloud security best practices
- Experience with security frameworks and certifications (ISO 27001, SOC 2, NIST, etc.)
- Hands-on experience managing CI/CD pipelines (GitHub Actions, GitLab CI, ArgoCD, etc.)
- Knowledge of containerization and orchestration (Docker, Kubernetes)
- Proficiency in scripting languages (Python, Bash, or similar)
- Understanding of security concepts, threat modeling, and vulnerability assessments
- Strong problem-solving skills and ability to work independently
- Experience with DevSecOps practices and tools
- Familiarity with compliance automation tools
- Background in software development or system administration