Key skills
DevOpsSite Reliability EngineeringCloud InfrastructurePCI DSS ComplianceCI/CD PipelinesGitHub ActionsGitLab CIJenkinsCircleCIInfrastructure as CodeTerraformCloudFormationPulumiAWSAzureVPC DesignIAMKMS Encryption ServicesSecrets ManagementGuardDutySecurity HubInspectorDockerKubernetesEKSAKSDatadogNew RelicCloudWatchPrometheusGrafanaAgentic AI WorkflowsLLM APIsAI AssistantsAgent FrameworksAI-powered ScriptingPythonBashGoPowerShellAILLMClaudeAnthropicLangChainAgenticGitHubGitLabSaaSCI/CDLeadershipCommunication
About this role
Edlio is an edtech company dedicated to helping K–12 school districts communicate and engage with their communities. They are seeking a DevOps Engineer to manage production infrastructure, deployment pipelines, and ensure PCI DSS compliance while building AI-enabled automations to enhance operational efficiency.
Responsibilities:
- Own and continuously improve Edlio’s cloud infrastructure (AWS/Azure) including networking, compute, storage, identity & access management, and the security controls that protect our cardholder data environment (CDE)
- Build, maintain, and optimize CI/CD pipelines, infrastructure-as-code (Terraform, CloudFormation), and containerized workloads (Docker, Kubernetes) that let engineering ship safely and quickly
- Lead our PCI DSS compliance program: maintain technical controls, gather evidence, manage our compliance platform (e.g., Vanta/Drata), and partner with QSAs and internal stakeholders through annual audits and quarterly scans
- Implement and monitor PCI DSS technical requirements including network segmentation, encryption (in transit and at rest), key management, vulnerability scanning, patch management, and secure configuration baselines
- Build observability into everything monitoring, logging, alerting, and incident response runbooks that keep our systems reliable and our audit trails complete
- Build agentic AI workflows and automations that drive PCI DSS readiness and continuous evidence collection, access reviews, control monitoring, and audit-prep tasks that traditionally eat weeks of manual work
- Integrate AI tools across DevOps workflows from automating deployment checks and security scanning, to building AI-assisted runbooks that make the team faster and safer
- Partner with Engineering and Security to harden production systems, manage vulnerabilities, and respond to incidents
- Document systems and processes clearly so the broader team can self-serve, and so future audits are smooth and predictable
- Act as a trusted advisor to leadership on technology investments, vendor selection, and compliance posture
Requirements:
- 5+ years of hands-on DevOps, SRE, or cloud infrastructure experience in a SaaS or cloud-first environment
- Direct experience supporting a PCI DSS audit: you've owned technical controls, prepared evidence, and worked with QSAs or external auditors through a successful assessment
- Hands-on experience designing and operating CI/CD pipelines (GitHub Actions, GitLab CI, Jenkins, CircleCI, or similar) and infrastructure-as-code (Terraform, CloudFormation, Pulumi)
- Deep working knowledge of AWS or Azure including VPC design, IAM, encryption services (KMS), secrets management, and security tooling (GuardDuty, Security Hub, Inspector, or equivalents)
- Experience with containerization and orchestration (Docker, Kubernetes/EKS/AKS) and modern observability stacks (Datadog, New Relic, CloudWatch, Prometheus/Grafana)
- Practical experience building agentic AI workflows and automations (LLM APIs, AI assistants, agent frameworks, or AI-powered scripting) that replace manual work and a clear point of view on how to do it safely in a regulated environment
- Scripting fluency (Python, Bash, Go, or PowerShell) and comfort automating repetitive work
- Excellent written communication you can explain technical decisions to non-technical leaders and write documentation people actually use
- Experience in edtech, K–12, or other regulated/student-data environments (FERPA, COPPA, state privacy laws)
- Familiarity with additional frameworks: SOC 2, ISO 27001, NIST CSF, or HIPAA
- Security certifications such as CISSP, CISA, Security+, AWS Security Specialty, or Certified Kubernetes Security Specialist (CKS)
- Experience with payment processing integrations, tokenization, or working alongside payment service providers (Stripe, Braintree, etc.)
- Experience with compliance automation platforms (Vanta, Drata, Secureframe) and bonus for shipping automations that closed real audit findings
- Experience building internal AI tooling, prompt libraries, or evaluations for AI-assisted DevOps workflows
- Experience with agent frameworks (e.g., Claude/Anthropic, LangChain, custom agents) deployed in a regulated production environment