Key skills
AWS EC2AWS ECSAWS ECRAWS LambdaAWS RDSAWS CloudWatchAWS IAMAWS VPCAWS EKSAWS CloudFrontTerraformGitHub ActionsSASTSecrets detectionContainer image scanningGuardDutySecurity HubAWS ConfigService Control Policies (SCPs)Python scriptingGo scriptingBash scriptingLinux system administrationDockerSRE practicesSLO definitionObservability designPost-mortem analysisCross-platform code compilationCode signingSoftware supply chain securityAI coding assistantsPythonGoBashAIClaudeAWSJenkinsECSEKSEC2LambdaRDSCloudFrontIAMCloudWatchGitHubCI/CDLeadershipCommunicationCloud Security
About this role
Malwarebytes is a cybersecurity company dedicated to protecting users from digital threats. They are seeking a Principal DevOps Engineer to architect and manage their AWS infrastructure, enforce cloud security best practices, and drive CI/CD automation while providing leadership and mentorship to the engineering team.
Responsibilities:
- Own and evolve our AWS cloud infrastructure using Terraform, applying security best practices — least-privilege IAM, network segmentation, secrets management, and compliance guardrails — as non-negotiable defaults
- Design, implement, and continuously improve CI/CD pipelines using GitHub Actions, ensuring automated security scanning (SAST, secrets detection, container image scanning), policy enforcement, and quality gates are built into every pipeline
- Champion infrastructure security: proactively identify and remediate cloud misconfigurations, leverage GuardDuty, Security Hub, and Config, and partner with the Security team on vulnerability management and incident response
- Own and improve SRE practices: define SLOs, build alerting and observability solutions using CloudWatch and related tooling, and drive blameless post-mortems
- Participate in on-call rotation and own production incidents end-to-end — from detection through resolution and follow-up
- Maintain build and release environments for development teams and develop automation and test tooling for client applications
- Evaluate and adopt emerging DevOps technologies through structured proof-of-concept testing
- Keep documentation, runbooks, and architecture diagrams current and actionable
- Provide technical leadership, mentorship, and strategic guidance to the engineering team; conduct architecture and code reviews and define team engineering standards
- Interface with executive leadership to communicate platform strategy, risk, and investment tradeoffs; lead and drive cross-functional infrastructure projects from scoping through delivery
Requirements:
- 10+ years of hands-on DevOps or SRE experience, with at least 5 years operating production workloads in AWS at scale — EC2, ECS, ECR, Lambda, RDS, CloudWatch, IAM, VPC, EKS, and CloudFront required
- Deep Terraform expertise: you write modular, reusable, well-tested infrastructure code and treat IaC security as seriously as application security
- Strong GitHub Actions experience building pipelines as code, including integrated security scanning (SAST, secrets detection, and container image scanning). Jenkins experience is a plus
- Demonstrable cloud security depth: hands-on experience with GuardDuty, Security Hub, Config, SCPs, and related tools and practices
- Strong scripting and automation — Python, Go, or Bash — with a track record of eliminating manual toil
- Solid Linux system administration and container management (Docker). Windows Server and Windows container experience is a plus
- Proven SRE practice experience: SLO definition, observability design, and post-mortem-driven reliability improvement
- Familiarity with cross-platform code compilation (Windows and macOS), code signing, and software supply chain security
- Active, daily use of AI coding assistants (Claude Code, GitHub Copilot, or equivalent) is expected as a core part of this role — you treat these tools as a force multiplier and stay current with how AI is reshaping DevOps and SRE workflows
- Strong communication and documentation skills: capable of writing architecture proposals, leading design reviews, and producing runbooks that on-call engineers can act on under pressure
- Demonstrated ability to operate at a principal or staff engineer level — influencing architecture across teams, driving technical decisions through ambiguity, and raising engineering quality across the organization
- Proven experience providing technical leadership and mentorship to engineering teams and interfacing with executive leadership on platform strategy, risk, and infrastructure investment decisions
- BA/BS in Engineering or Computer Science preferred; equivalent experience demonstrated through a proven track record accepted. An ideal candidate holds one or more AWS Professional-level certifications (Solutions Architect Professional, DevOps Professional, or equivalent)