Senior/Staff DevSecOps Engineer

Position Overview

We are looking for passionate, skilled, and experienced DevSecOps engineers or Cloud Infrastructure Engineers with a security background to joinWherobots' dynamic teamin building and operating the geospatial cloud database of the future, its cloud platform, and control plane. In this role, you will help define and implement infrastructure-as-code while shifting left our security and compliance requirements into secure-by-design engineering and best practices to deliver a secure, reliable, and highly available enterprise SaaS solution. Our product is 100% cloud-native and built using modern tools and technologies including Python, Java, and Golang services deployed on cloud-based Kubernetes environments. If you are passionate about security and building cutting-edge cloud infrastructure, we would love to hear from you.

Key Responsibilities

• Champion Security: Promote a security-first mindset within the development team and guide the organization towards secure-by-design principles.
• Automate Security: Design, implement, and maintain automated security tools and processes in CI/CD pipelines, including static/dynamic code analysis, vulnerability scanning, and security testing.
• Infrastructure Security: Harden our cloud infrastructure (AWS, GCP, or Azure) by implementing security best practices, monitoring for threats, and responding to incidents.
• Compliance and Auditing: Ensure our systems comply with relevant security standards and regulations, and assist with security audits and penetration testing.
• Incident Response: Develop and maintain incident response plans and participate in investigations, containment, and remediation of security incidents.
• Monitoring and Logging: Implement robust monitoring and logging solutions to detect and analyze security events.
• Stay Current: Keep abreast of the latest security threats, vulnerabilities, and best practices.

Required Qualifications

• 5+ years of experience in DevSecOps, cloud infrastructure, or related roles with a focus on security automation and compliance in cloud-native SaaS environments.
• Proficiency in Python, Bash, Terraform, Docker, and Kubernetes.
• Hands-on experience with cloud platforms such as AWS and/or Google Cloud.
• Experience with SDLC and CI/CD platforms such as GitHub or GitLab.
• Experience deploying and operating security tools like SAST/DAST scanners, vulnerability management solutions (e.g., Nessus, Qualys), and intrusion detection systems.
• Solid understanding of networking, databases, cloud environments, Linux-based operating systems, command-line tools, and modern web technologies.
• Excellent problem-solving, troubleshooting, communication, and collaboration skills, with experience working effectively in hybrid or distributed teams.

Benefits & Perks

• Compensation:Competitive compensation with a base salary range of$175k-$275k per yearand equity opportunities.
• Flexibility:Options for remote and in-office roles based on work location, seniority, skills, and experience.
• Benefits:A comprehensive benefits package including 100% coverage of medical, dental, and vision insurance; access to a 401(k) plan with employer match; and unlimited PTO.