Hyperproof is on a mission to transform the Governance, Risk, and Compliance (GRC) world with a powerful new software platform. They are seeking a talented Senior DevSecOps Engineer to lead the management and optimization of their Azure-based infrastructure across commercial and FedRAMP regions.
Responsibilities:
- Develop and execute DevOps strategy tailored to all Hyperproof regions, including our FedRAMP-authorized environments
- Own and evolve our Terraform/Terragrunt IaC pipeline for multi-subscription promotion, including continuous monitoring
- Architect secure, scalable platform infrastructure including GitHub Actions, GitLab, and ADO CI/CD pipelines with security gates, Kubernetes environments, observability systems, and compliance automation that enables developer velocity while maintaining continuous compliance posture
- Support FedRAMP authorization activities: contribute to SSP documentation, NIST 800-53 control implementations, 3PAO coordination, and readiness assessments while establishing repeatable processes
- Lead the design and security implementation of our Seattle-based on-premises build/test platform. You will ensure that physical hardware configurations (firmware, networking, and storage layout) maintain parity with our Azure Kubernetes Service (AKS) patterns while meeting strict SOC 2 compliance standards for local developer workflows
- Establish security and compliance architecture patterns across encryption, network segmentation, secrets management, supply chain security, and incident response
- Drive technical decisions and technology selection for cloud platforms, compliance tooling, and security controls
- Mentor and raise the technical bar across engineering teams through architecture reviews, design discussions, and establishing FedRAMP best practices
- Partner with security, product, and business leadership to translate federal customer requirements into technical architecture and deliver measurable improvements in security posture and operational efficiency
- Monitor, triage, and remediate CVEs and security vulnerabilities across infrastructure, container images, and dependencies — maintaining compliance with FedRAMP continuous monitoring requirements
Requirements:
- U.S. citizenship, residing and working from within the United States
- BS in Computer Science, Engineering, or a related field (or equivalent experience)
- 5+ years of extensive experience in SRE, DevSecOps or Platform engineering roles, with a focus on managing Azure-based infrastructure
- Demonstrated knowledge and interest in applying AI technologies towards fully or partially automating compliance & security workflows
- Strong programming skills (Python, Bash, Go, or Node.js) and demonstrated ability to drive complex technical initiatives from architecture through production
- Expertise in modern platform technologies: Kubernetes security, infrastructure-as-code (Terraform/Terragrunt), GitOps (Helm/ArgoCD/Flux), Ansible, CI/CD security, observability systems, and secrets management
- Familiarity with compliance standards and regulations, particularly NIST 800-53 and FedRAMP
- Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment
- A positive attitude and a willingness to learn, adapt, collaborate, and grow in a dynamic environment
- Experience contributing to FedRAMP authorization efforts (Moderate or High), including SSP documentation, control implementation, or 3PAO coordination
- Experience with Azure networking and security boundaries
- Experience with compliance automation, supply chain security (SBOM, image signing), or secrets management at scale
- Professional certifications: CISSP, Azure Security Specialty, CKS, or equivalent
- Familiarity with CMMC, OSCAL, or compliance-as-code practices
- Experience with vulnerability scanning and remediation tooling (e.g., Trivy, Snyk, Qualys, or Defender for Cloud)
- Advanced degree in Computer Science or related field, or equivalent experience architecting secure, compliant platforms at scale