Senior DevSecOps Engineer

Istari Digital is a digital engineering software company focused on creating scalable digital engineering ecosystems. They are seeking a Senior DevSecOps Engineer to secure, harden, and scale their infrastructure across cloud-hosted production environments, working closely with platform, infrastructure, and security teams to ensure reliability and compliance.

Responsibilities:

• Design, implement, and maintain secure, scalable infrastructure in AWS
• Manage, secure, and improve Kubernetes-based environments, including production workloads
• Build and maintain infrastructure as code using Terraform
• Harden production systems across cloud, compute, container, identity, and network layers
• Develop and maintain secure baseline configurations for infrastructure and platform services
• Support vulnerability management, patching, remediation, and configuration compliance efforts across environments
• Configure, administer, and patch both Linux and Windows VMs
• Support identity and access management practices, including least privilege, role design, and privileged access controls
• Contribute to administration and integration of Active Directory domains where needed
• Partner with engineering teams to improve security within CI/CD pipelines, deployment workflows, and operational processes
• Support compliance initiatives, audits, evidence collection, and technical control validation
• Develop and maintain documentation, operational runbooks, technical standards, and playbooks
• Monitor, troubleshoot, and resolve complex infrastructure and security issues with clear and timely communication
• Participate in incident response and post-incident analysis when infrastructure or platform issues arise
• Stay current on cloud, infrastructure, and security best practices that can improve platform resilience and delivery

Requirements:

• Minimum of 5 years of experience in DevOps, DevSecOps, Infrastructure Engineering, Platform Engineering, or Security Engineering
• Strong hands-on experience with AWS in production environments
• Proven experience with Kubernetes, preferably in production
• Strong experience with Terraform and infrastructure-as-code practices
• Experience hardening production environments and implementing secure configuration standards
• Experience supporting compliance frameworks, audit preparation, evidence gathering, and control validation
• Experience with vulnerability remediation, system patching, and operational security practices
• Experience configuring and maintaining both Linux and Windows virtual machines
• Strong understanding of IAM, secrets management, network security, logging, monitoring, and operational controls
• Proven experience improving or securing CI/CD pipelines and deployment workflows
• Excellent troubleshooting and problem-solving skills in complex production environments
• Strong communication skills with the ability to explain technical concepts to both technical and non-technical stakeholders
• Must live/work in the U.S
• Experience supporting environments with regulated, compliance-driven, or security-sensitive requirements
• Familiarity with compliance or security frameworks such as SOC 2, NIST, ISO 27001, CMMC, or similar
• Experience with EKS or other managed Kubernetes platforms
• Experience configuring or supporting Active Directory Domain Services, Group Policy, or hybrid identity environments
• Experience with automation and configuration management tools such as Ansible, PowerShell, or similar
• Experience with PostgreSQL, cloud storage platforms, and production networking patterns
• Scripting experience in Python, Bash, or PowerShell
• Experience with security tooling related to container security, vulnerability management, or policy enforcement
• Experience supporting customer-facing or mission-critical production infrastructure
• Security+ Certification
• Top Secret Security Clearance