Juno is a fast-growing AI company solving real problems for tax accounting firms. The Senior DevOps Security Engineer will play a key role in managing AWS infrastructure while enhancing security, monitoring systems, and scaling services.
Responsibilities:
- Oversee and maintain our AWS environment, ensuring optimal performance and cost efficiency
- Implement and manage infrastructure as code (e.g., Terraform, CloudFormation) to support agile deployments
- Partner with application engineers to perform threat modeling and security design reviews
- Monitor, detect, and respond to cloud and infrastructure security events
- Develop automated controls for vulnerability management, configuration drift, and policy enforcement
- Implement encryption, code signing, and secure configurations across our infrastructure
- Integrate security layers, privacy controls, and access management that meet SOC2 compliance requirements
- Design, implement, and manage monitoring and alerting systems (e.g., AWS CloudWatch, Prometheus, Grafana) to proactively identify and address issues
- Develop automated incident response procedures and collaborate on a robust escalation process
- Architect solutions that ensure our microservices and applications scale efficiently under varying loads
- Optimize system performance and resource utilization through continuous monitoring and iterative improvements
- Work closely with cross-functional teams to streamline deployment pipelines, ensuring smooth integrations and rapid rollouts
- Document processes, best practices, and contribute to continuous improvement initiatives across development and operations
Requirements:
- 7+ years of experience in DevOps, infrastructure, or cloud engineering, with a strong security focus
- Deep hands-on experience securing AWS environments in production
- Advanced experience with Terraform and infrastructure-as-code security best practices
- Proven experience embedding DevSecOps controls into CI/CD pipelines, including SAST, DAST, dependency scanning, and secrets detection
- Solid understanding of IAM and least-privilege access models
- Solid understanding of network security, encryption, and secrets management
- Solid understanding of container and cloud-native security concepts
- Ability to balance startup speed with financial-grade security
- Strong background in DevOps principles, continuous integration/continuous deployment (CI/CD) pipelines, and containerization (Docker, Kubernetes)
- Strong working knowledge of OWASP Top 10 and OWASP ASVS, with the ability to translate application security requirements into cloud and pipeline controls
- Experience implementing secure software supply chain practices aligned with OWASP dependency and CI/CD security guidance
- Deep understanding of cloud security architecture, including IAM, network segmentation, encryption in transit and at rest, and key management
- Hands-on experience designing and enforcing least-privilege access models and secure identity federation
- Familiarity with vulnerability management, configuration drift detection, and continuous security monitoring in AWS environments
- Ability to perform threat modeling and security design reviews for cloud-native and microservices-based applications
- Working knowledge of security controls required in regulated environments (e.g., SOC 2, PCI DSS), with an emphasis on preventative and automated controls
- Solid scripting skills (e.g., Bash, Python) and experience with automated tooling
- Demonstrated understanding of security best practices in cloud environments, including compliance frameworks like SOC2
- Excellent problem-solving abilities and a proactive attitude toward troubleshooting and optimization
- Effective communication skills with the ability to collaborate across teams and document technical processes clearly