Senior DevSecOps Engineer
United States of America
Full Time
4 days ago
$130,000 USD
No H1B
Key skills
Google Cloud PlatformAWSAzureTerraformDockerKubernetesGitHub ActionsOktaSentinelOneVulnerability managementPCI complianceSOC 2 complianceISO 27001 complianceIncident responseGCPGoogle CloudIAMSSOGitHubCI/CDLeadershipBudgetingPenetration Testing
About this role
Atlas Travel & Technology Group is a technology-driven corporate travel management company that operates at the intersection of travel, payments, and embedded finance. They are seeking a Senior DevSecOps Engineer to build the infrastructure, security, and operational foundations that support their growth, focusing on improving the reliability, security, scalability, and cost efficiency of their cloud environment and delivery pipelines.
Responsibilities:
- Build and evolve infrastructure standards across our Google Cloud Platform environments
- Manage infrastructure-as-code using Terraform and improve consistency, reliability, and repeatability across environments
- Build and maintain CI/CD pipelines in GitHub Actions to improve deployment reliability, release velocity, and developer experience
- Operate and optimize containerized workloads using Docker and Kubernetes
- Improve observability, operational monitoring, and production reliability across systems and services
- Improve the security posture of our cloud and application environments through hardening, automation, and continuous remediation
- Establish and operate a vulnerability management program with defined remediation SLAs and measurable operational reporting
- Deploy and maintain endpoint protection and detection tooling, including SentinelOne
- Partner with engineering teams to remediate infrastructure and application security findings
- Implement and operationalize security controls supporting PCI, SOC 2, and ISO 27001 requirements
- Improve logging, alerting, and threat detection capabilities across the environment
- Administer and improve our Okta environment in partnership with IT, including SSO configuration, lifecycle automation, provisioning workflows, and access policy enforcement
- Build and automate access review and audit workflows that improve governance while reducing manual overhead
- Help evaluate and implement security and governance tooling that improves visibility, auditability, and operational maturity
- Lead technical investigations into security and infrastructure incidents, including triage, containment, root cause analysis, and remediation
- Develop runbooks and operational procedures that improve response consistency and reduce recovery time
- Coordinate and support external penetration testing engagements and drive remediation efforts through closure
- Partner with engineering teams to improve resilience and reduce recurring operational and security risks
- Improve visibility into cloud spend through tagging, reporting, alerting, and budgeting practices
- Identify opportunities for rightsizing, waste reduction, and operational efficiency across our GCP environment
- Partner with engineering leadership to ensure infrastructure scales predictably and cost-effectively
Requirements:
- 5+ years of hands-on experience in DevOps, Platform Engineering, or DevSecOps roles supporting production environments
- Strong experience operating cloud infrastructure in GCP, AWS, or Azure, including provisioning, networking, IAM, monitoring, and cost management
- Experience building and maintaining CI/CD pipelines using GitHub Actions or comparable tooling
- Hands-on experience with Terraform, Docker, and Kubernetes in production environments
- Experience implementing security tooling, vulnerability management processes, and operational remediation workflows
- Experience administering Okta or a comparable enterprise identity provider
- Experience supporting or implementing security and compliance controls aligned to PCI, SOC 2, ISO 27001, or similar frameworks
- Strong troubleshooting, incident response, and operational problem-solving skills
- Ability to work cross-functionally with engineering, IT, and leadership teams
- Direct experience operating workloads in Google Cloud Platform
- Experience with SentinelOne or comparable endpoint security platforms
- Experience supporting regulated or fintech environments handling sensitive financial or customer data
- Experience building or maturing infrastructure and security practices in a growing engineering organization
- Familiarity with SIEM platforms, centralized logging, and threat detection workflows
- Experience improving cloud cost governance and operational efficiency at scale